nessus_client 0.1.0 → 0.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CODE_OF_CONDUCT.md +71 -0
- data/CONTRIBUTING.md +7 -0
- data/README.md +73 -9
- data/lib/modules/exports.rb +33 -11
- data/lib/modules/folders.rb +14 -8
- data/lib/modules/policies.rb +39 -3
- data/lib/modules/scans.rb +40 -17
- data/lib/modules/server.rb +16 -0
- data/lib/modules/session.rb +62 -0
- data/lib/modules/tokens.rb +26 -0
- data/lib/nessus_client.rb +45 -44
- data/lib/nessus_client/exception.rb +9 -2
- data/lib/nessus_client/request.rb +81 -49
- data/lib/nessus_client/resource.rb +4 -0
- data/lib/nessus_client/version.rb +4 -1
- metadata +95 -21
- data/lib/nessus_client/session.rb +0 -56
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 97155cc8a1019ff1a15883a8b3749b6702a4baf9aed454655a3f92ea49d06c22
|
4
|
+
data.tar.gz: 35b2dc0e7b0bc0ca9f32e92ffcadc8e01fed7de5140f8a9637081c716201438d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3f4be80be45b124d81426674079fef9315366e91114854e7e20caa0090df53ea9aeb2f60e8f18ebd57ecb3e811846ba5e17cd4b02ffdd8f258d65f2bc27be75b
|
7
|
+
data.tar.gz: 6de44d65aae4427ca4ae24a098012fb2131cc7cd506de51d601a7d5cfe7f058144f0391bfc6234d6fae1d3da3701fe63f761a579980b1c07713618398415e7fb
|
data/CODE_OF_CONDUCT.md
ADDED
@@ -0,0 +1,71 @@
|
|
1
|
+
# The NessusClient - Contributor Covenant Code of Conduct
|
2
|
+
|
3
|
+
## Our Pledge
|
4
|
+
|
5
|
+
In the interest of fostering an open and welcoming environment, we as
|
6
|
+
contributors and maintainers pledge to making participation in our project and
|
7
|
+
our community a harassment-free experience for everyone, regardless of age, body
|
8
|
+
size, disability, ethnicity, gender identity and expression, level of experience,
|
9
|
+
nationality, personal appearance, race, religion, or sexual identity and
|
10
|
+
orientation.
|
11
|
+
|
12
|
+
## Our Standards
|
13
|
+
|
14
|
+
Examples of behavior that contributes to creating a positive environment
|
15
|
+
include:
|
16
|
+
|
17
|
+
* Using welcoming and inclusive language
|
18
|
+
* Being respectful of differing viewpoints and experiences
|
19
|
+
* Gracefully accepting constructive criticism
|
20
|
+
* Focusing on what is best for the community
|
21
|
+
* Showing empathy towards other community members
|
22
|
+
|
23
|
+
Examples of unacceptable behavior by participants include:
|
24
|
+
|
25
|
+
* The use of sexualized language or imagery and unwelcome sexual attention or
|
26
|
+
advances
|
27
|
+
* Trolling, insulting/derogatory comments, and personal or political attacks
|
28
|
+
* Public or private harassment
|
29
|
+
* Publishing others' private information, such as a physical or electronic
|
30
|
+
address, without explicit permission
|
31
|
+
* Other conduct which could reasonably be considered inappropriate in a
|
32
|
+
professional setting
|
33
|
+
|
34
|
+
## Our Responsibilities
|
35
|
+
|
36
|
+
Project maintainers are responsible for clarifying the standards of acceptable
|
37
|
+
behavior and are expected to take appropriate and fair corrective action in
|
38
|
+
response to any instances of unacceptable behavior.
|
39
|
+
|
40
|
+
Project maintainers have the right and responsibility to remove, edit, or
|
41
|
+
reject comments, commits, code, wiki edits, issues, and other contributions
|
42
|
+
that are not aligned to this Code of Conduct, or to ban temporarily or
|
43
|
+
permanently any contributor for other behaviors that they deem inappropriate,
|
44
|
+
threatening, offensive, or harmful.
|
45
|
+
|
46
|
+
## Scope
|
47
|
+
|
48
|
+
This Code of Conduct applies both within project spaces and in public spaces
|
49
|
+
when an individual is representing the project or its community. Examples of
|
50
|
+
representing a project or community include using an official project e-mail
|
51
|
+
address, posting via an official social media account, or acting as an appointed
|
52
|
+
representative at an online or offline event. Representation of a project may be
|
53
|
+
further defined and clarified by project maintainers.
|
54
|
+
|
55
|
+
## Enforcement
|
56
|
+
|
57
|
+
All complaints will be reviewed and investigated and will result in a response that
|
58
|
+
is deemed necessary and appropriate to the circumstances. The project team is
|
59
|
+
obligated to maintain confidentiality with regard to the reporter of an incident.
|
60
|
+
Further details of specific enforcement policies may be posted separately.
|
61
|
+
|
62
|
+
Project maintainers who do not follow or enforce the Code of Conduct in good
|
63
|
+
faith may face temporary or permanent repercussions as determined by other
|
64
|
+
members of the project's leadership.
|
65
|
+
|
66
|
+
## Attribution
|
67
|
+
|
68
|
+
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
|
69
|
+
available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
|
70
|
+
|
71
|
+
[homepage]: https://www.contributor-covenant.org
|
data/CONTRIBUTING.md
CHANGED
data/README.md
CHANGED
@@ -1,14 +1,20 @@
|
|
1
|
-
|
1
|
+
NessusClient
|
2
2
|
=========
|
3
|
-
**Ruby wrapper for Nessus API**
|
4
3
|
|
5
|
-
|
6
|
-
|
7
|
-
* [Changelog]
|
8
|
-
* [Rubygem]
|
4
|
+
Usable, fast, simple Ruby gem for Tenable Nessus Pro from v7.0.1 to v8.3.1
|
5
|
+
NessusClient was designed to be simple, fast and performant through communication with Nessus over REST interface.
|
9
6
|
|
7
|
+
[](https://badge.fury.io/rb/nessus_client)
|
8
|
+
[](https://codeclimate.com/github/heyder/nessus_client/maintainability)
|
9
|
+
[](https://codecov.io/gh/heyder/nessus_client)
|
10
|
+
[](http://inch-ci.org/github/heyder/nessus_client)
|
11
|
+
|
12
|
+
**Ruby gem for Nessus API**
|
13
|
+
|
14
|
+
* [Source Code](https://github.com/heyder/nessus_client)
|
15
|
+
* [API documentation](https://rubydoc.info/github/heyder/nessus_client/master)
|
16
|
+
* [Rubygem](https://rubygems.org/gems/nessus_client)
|
10
17
|
|
11
|
-
Ruby wrapper for Nessus API (all verions)
|
12
18
|
|
13
19
|
## Contact
|
14
20
|
|
@@ -22,17 +28,75 @@ with some common problems to check out before creating an issue.
|
|
22
28
|
Getting started
|
23
29
|
---------------
|
24
30
|
|
31
|
+
```ruby
|
32
|
+
require 'nessus_client'
|
33
|
+
|
34
|
+
nc = NessusClient.new( { :uri=>'https://localhost:8834', :username=>'username',:password=> 'password'} )
|
35
|
+
status = nc.server_status
|
36
|
+
puts status
|
37
|
+
puts nc.server_properties
|
38
|
+
|
39
|
+
if status['status'] == 'ready'
|
40
|
+
scan_id = nc.get_scan_by_name('Monthly Scan')
|
41
|
+
scan_uuid = nc.launch_by_name( 'Monthly Scan', ['127.0.0.1'])['scan_uuid']
|
42
|
+
|
43
|
+
loop do
|
44
|
+
puts `clear`
|
45
|
+
scan_status = nc.scan_details( scan_id )["info"]["status"]
|
46
|
+
puts " #{scan_id} - #{scan_uuid} - #{scan_status} "
|
47
|
+
sleep 5
|
48
|
+
if ["completed","canceled"].include? scan_status
|
49
|
+
export_request = nc.export_request(scan_id, "nessus" )
|
50
|
+
puts " export request: #{export_request}"
|
51
|
+
while true do
|
52
|
+
puts `clear`
|
53
|
+
export_status = nc.token_status( export_request['token'])["status"]
|
54
|
+
puts " export status: #{export_status}"
|
55
|
+
sleep 5
|
56
|
+
if export_status == "ready"
|
57
|
+
puts " downloading..."
|
58
|
+
open("scan_report", "wb") do |file|
|
59
|
+
file.write(nc.token_download( export_request['token'] ))
|
60
|
+
end
|
61
|
+
exit 0
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
67
|
+
```
|
68
|
+
|
69
|
+
## Installation
|
70
|
+
|
71
|
+
Add this line to your application's Gemfile:
|
72
|
+
|
73
|
+
gem 'nessus_client'
|
74
|
+
|
75
|
+
And then execute:
|
76
|
+
|
77
|
+
$ bundle
|
78
|
+
|
79
|
+
Or install it yourself as:
|
80
|
+
|
81
|
+
$ gem install nessus_client
|
82
|
+
|
83
|
+
## Requirements
|
25
84
|
|
85
|
+
Requirements are Exon for HTTP(S) and Oj parsing:
|
26
86
|
|
87
|
+
```ruby
|
88
|
+
require 'excon'
|
89
|
+
require 'oj'
|
90
|
+
```
|
27
91
|
|
28
92
|
## Code of Conduct
|
29
93
|
|
30
94
|
Everyone participating in this project's development, issue trackers and other channels is expected to follow our
|
31
|
-
[Code of Conduct](./CODE_OF_CONDUCT.md)
|
95
|
+
[Code of Conduct](./CODE_OF_CONDUCT.md).
|
32
96
|
|
33
97
|
## Contributing
|
34
98
|
|
35
|
-
See the [contributing guide](
|
99
|
+
See the [contributing guide](./CONTRIBUTING.md).
|
36
100
|
|
37
101
|
## Copyright
|
38
102
|
|
data/lib/modules/exports.rb
CHANGED
@@ -1,15 +1,37 @@
|
|
1
|
-
#
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
3
|
+
# Namespace for Exports resource.
|
4
|
+
module Resource::Exports
|
5
|
+
# Export the given scan. Once requested, the file can be downloaded using the Resource::Tokens.token_download method upon receiving a "ready" status from the Resource::Tokens#token_status method. You can also use the older Resource::Exports#export_status and Resource::Exports#export_download methods.
|
6
|
+
# @param [String] scan_id The export uuid string.
|
7
|
+
# @param [String] format The file format to use (Nessus, HTML, PDF, CSV, or DB).
|
8
|
+
# @return [JSON]
|
9
|
+
def export_request(scan_id, format = 'nessus')
|
10
|
+
payload = { format: format }
|
11
|
+
request.post({ path: "/scans/#{scan_id}/export", payload: payload, headers: headers })
|
8
12
|
end
|
9
|
-
|
10
|
-
|
13
|
+
|
14
|
+
# Check the file status of an exported scan. When an export has been requested, it is necessary to poll this resource until a "ready" status is returned, at which point the file is complete and can be downloaded using the export download resource.
|
15
|
+
# @param [String] scan_id The identifier for the scan. This identifier can be the either the 'schedule_uuid' or the numeric 'id' attribute for the scan. We recommend that you use 'schedule_uuid'.
|
16
|
+
# @param [String] file_id The ID of the file to poll (Included in response from #export_request).
|
17
|
+
# @return [JSON]
|
18
|
+
# @example Checking the status of a export.
|
19
|
+
# export_status = nc.export_status( "15", "cd956" )
|
20
|
+
# return true if export_status["status"] == "ready"
|
21
|
+
def export_status(scan_id, file_id)
|
22
|
+
request.get({ path: "/scans/#{scan_id}/export/#{file_id}/status", headers: headers })
|
11
23
|
end
|
12
|
-
|
13
|
-
|
24
|
+
|
25
|
+
# Download exported scan.
|
26
|
+
# @param [String] scan_id The identifier for the scan. This identifier can be the either the 'schedule_uuid' or the numeric 'id' attribute for the scan. We recommend that you use 'schedule_uuid'.
|
27
|
+
# @param [String] file_id The ID of the file to poll (Included in response from #export_request).
|
28
|
+
# @return [JSON]
|
29
|
+
# @example Download a ready export.
|
30
|
+
# export = nc.export_download( '17', '46b78587')
|
31
|
+
# open("scan_report", "wb") do |file|
|
32
|
+
# file.write( export )
|
33
|
+
# end
|
34
|
+
def export_download(scan_id, file_id)
|
35
|
+
request.get({ path: "/scans/#{scan_id}/export/#{file_id}/download", headers: headers })
|
14
36
|
end
|
15
|
-
end
|
37
|
+
end
|
data/lib/modules/folders.rb
CHANGED
@@ -1,12 +1,18 @@
|
|
1
|
-
#
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
-
|
4
|
-
|
3
|
+
# Namespace for Folders resource.
|
4
|
+
module Resource::Folders
|
5
|
+
# Get the list of folders from the resource.
|
6
|
+
# @return [JSON]
|
5
7
|
def list_folders
|
6
|
-
|
8
|
+
request.get({ path: '/folders', headers: headers })
|
7
9
|
end
|
8
|
-
|
9
|
-
|
10
|
-
|
10
|
+
|
11
|
+
# Create a folder into the resource.
|
12
|
+
# @param [String] folder_name The name of the folder the will be created.
|
13
|
+
# @return [JSON]
|
14
|
+
def create_folder(folder_name)
|
15
|
+
payload = { name: folder_name }
|
16
|
+
request.post({ path: '/folders', payload: payload, headers: headers })
|
11
17
|
end
|
12
|
-
end
|
18
|
+
end
|
data/lib/modules/policies.rb
CHANGED
@@ -1,7 +1,43 @@
|
|
1
|
-
#
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
-
|
3
|
+
# Namespace for Policies resource.
|
4
|
+
module Resource::Policies
|
5
|
+
# List the scan polices.
|
6
|
+
# @return [JSON] list of policies.
|
4
7
|
def policies
|
5
|
-
|
8
|
+
request.get({ path: '/policies', headers: headers })
|
9
|
+
end
|
10
|
+
|
11
|
+
# Get id of a policy by its name.
|
12
|
+
# @param [String] policy name.
|
13
|
+
# @return [Integer] ID of a policy.
|
14
|
+
def get_policy_id_by_name(policy_name)
|
15
|
+
policies['policies'].each do |policy|
|
16
|
+
return policy['id'] if policy['name'] == policy_name
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
# Get a policy by its name.
|
21
|
+
# @param [String] policy name.
|
22
|
+
# @return [JSON] policy object.
|
23
|
+
def get_policy_by_name(policy_name)
|
24
|
+
policy_id = get_policy_id_by_name(policy_name)
|
25
|
+
request.get({ path: "/policies/#{policy_id}", headers: headers })
|
26
|
+
end
|
27
|
+
|
28
|
+
# Get a list of credentials from a policy.
|
29
|
+
# @param [String] policy name.
|
30
|
+
# @return [JSON] credential list
|
31
|
+
def list_credentials_by_policy_name(policy_name)
|
32
|
+
get_policy_by_name(policy_name)['credentials']
|
33
|
+
end
|
34
|
+
|
35
|
+
# update a scan policy.
|
36
|
+
# @param [String] policy name.
|
37
|
+
# @param [String] history_id (nil) The `history_id` of a scan.
|
38
|
+
# @return nil
|
39
|
+
def update_policy_by_name(policy_name, payload)
|
40
|
+
id = get_policy_id_by_name(policy_name)
|
41
|
+
request.put({ path: "/policies/#{id}", headers: headers, payload: payload })
|
6
42
|
end
|
7
43
|
end
|
data/lib/modules/scans.rb
CHANGED
@@ -1,27 +1,50 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
|
2
|
-
|
3
|
+
# Namespace for Scans resource.
|
4
|
+
module Resource::Scans
|
5
|
+
# List scans from the resource.
|
6
|
+
# @param [String] folder_id (nil) The name of a alredy created scan.
|
7
|
+
# @return [JSON]
|
8
|
+
def list_scans(folder_id = nil)
|
9
|
+
query = folder_id.nil? ? nil : { 'folder_id' => folder_id }
|
10
|
+
request.get({ path: '/scans', query: query, headers: headers })
|
11
|
+
end
|
12
|
+
alias scans list_scans
|
3
13
|
|
4
|
-
|
5
|
-
|
6
|
-
|
14
|
+
# See details of a scan.
|
15
|
+
# @param [String] scan_id The `uuid` of a scan.
|
16
|
+
# @param [String] history_id (nil) The `history_id` of a scan.
|
17
|
+
# @return [JSON]
|
18
|
+
def scan_details(scan_id, history_id = nil)
|
19
|
+
query = history_id.nil? ? nil : { 'history_id' => history_id }
|
20
|
+
request.get({ path: "/scans/#{scan_id}", query: query, headers: headers })
|
7
21
|
end
|
8
|
-
alias_method :scans, :list_scans
|
9
22
|
|
10
|
-
|
11
|
-
|
12
|
-
|
23
|
+
# Lauch a scan by its id
|
24
|
+
# @param [Integer] scan_id The ID of a alredy created scan.
|
25
|
+
# @param [Array<String>] targets comma separeted new target to be scanned.
|
26
|
+
# @return [JSON]
|
27
|
+
def launch(scan_id, targets = [])
|
28
|
+
payload = { alt_targets: targets } unless targets.empty?
|
29
|
+
request.post({ path: "/scans/#{scan_id}/launch", payload: payload, headers: headers })
|
13
30
|
end
|
14
31
|
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
32
|
+
# Lauch a scan by its name
|
33
|
+
# @param [String] scan_name The name of a alredy created scan.
|
34
|
+
# @param [Array<String>] targets comma separeted new target to be scanned.
|
35
|
+
# @return [JSON]
|
36
|
+
def launch_by_name(scan_name, targets = [])
|
37
|
+
scan_id = get_scan_by_name(scan_name)
|
38
|
+
launch(scan_id, targets)
|
19
39
|
end
|
20
40
|
|
21
|
-
|
22
|
-
|
23
|
-
|
41
|
+
# Get a scan by its name
|
42
|
+
# @param [String] folder_id The id of the folder to look into.
|
43
|
+
# @param [String] scan_name The name of the scan to look for.
|
44
|
+
# @return [String, nil] The uuid of the scan.
|
45
|
+
def get_scan_by_name(scan_name, folder_id = nil)
|
46
|
+
list_scans(folder_id)['scans'].each do |scan|
|
47
|
+
return scan['id'] if scan['name'] == scan_name
|
24
48
|
end
|
25
49
|
end
|
26
|
-
|
27
|
-
end
|
50
|
+
end
|
@@ -0,0 +1,16 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Namespace for Server resource.
|
4
|
+
module Resource::Server
|
5
|
+
# Returns the server status.
|
6
|
+
# @return [JSON] Returns the server status
|
7
|
+
def server_status
|
8
|
+
request.get({ path: '/server/status', headers: headers })
|
9
|
+
end
|
10
|
+
|
11
|
+
# Returns the server version and other properties.
|
12
|
+
# @return [JSON] Returns the server properties
|
13
|
+
def server_properties
|
14
|
+
request.get({ path: '/server/properties', headers: headers })
|
15
|
+
end
|
16
|
+
end
|
@@ -0,0 +1,62 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Namespace for Session resource.
|
4
|
+
module Resource::Session
|
5
|
+
# @return [Boolean] whether has a session.
|
6
|
+
attr_reader :session
|
7
|
+
|
8
|
+
@session = false
|
9
|
+
|
10
|
+
# Autenticate into Nessus resource.
|
11
|
+
# @param [String] username
|
12
|
+
# @param [String] password
|
13
|
+
# @return [nil]
|
14
|
+
# @raise [NessusClient::Error] Unable to authenticate.
|
15
|
+
# @todo Validate response token format
|
16
|
+
def set_session(username, password)
|
17
|
+
payload = {
|
18
|
+
username: username,
|
19
|
+
password: password
|
20
|
+
}
|
21
|
+
|
22
|
+
resp = request.post({ path: '/session', payload: payload, headers: headers })
|
23
|
+
# binding.pry
|
24
|
+
if !resp.key?('token')
|
25
|
+
raise NessusClient::Error, 'Unable to authenticate.'
|
26
|
+
elsif !resp['token'].match(/(?<token>[a-z0-9]{48})/)
|
27
|
+
raise NessusClient::Error, 'The token doesnt match with the pattern.'
|
28
|
+
end
|
29
|
+
|
30
|
+
headers.update('X-Cookie' => 'token=' + resp['token'])
|
31
|
+
@session = true
|
32
|
+
api_token = set_api_token
|
33
|
+
headers.update('X-API-Token' => api_token) if api_token
|
34
|
+
rescue NessusClient::Error => e
|
35
|
+
raise e
|
36
|
+
end
|
37
|
+
alias session_create set_session
|
38
|
+
|
39
|
+
# Destroy the current session.
|
40
|
+
def destroy
|
41
|
+
request.delete({ path: '/session', headers: headers })
|
42
|
+
@session = false
|
43
|
+
end
|
44
|
+
alias logout destroy
|
45
|
+
|
46
|
+
private
|
47
|
+
|
48
|
+
# Set the API Token from legacy Nessus version
|
49
|
+
# @raise [NessusClient::Error] Unable to get API Token.
|
50
|
+
# @todo To get it direct from the session authentication on v6.x
|
51
|
+
def set_api_token
|
52
|
+
response = request.get({ path: '/nessus6.js', headers: headers })
|
53
|
+
response.match(/return"(\w{8}-(?:\w{4}-){3}\w{12})"\}/)
|
54
|
+
unless Regexp.last_match(1)
|
55
|
+
raise NessusClient::Error, "Unable to get API Token. Some features won't work."
|
56
|
+
end
|
57
|
+
rescue NessusClient::Error => e
|
58
|
+
puts e.message
|
59
|
+
else
|
60
|
+
Regexp.last_match(1)
|
61
|
+
end
|
62
|
+
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Namespace for tokens resource.
|
4
|
+
module Resource::Tokens
|
5
|
+
# Check the status of a export request
|
6
|
+
# @param [String] export_uuid The export uuid string.
|
7
|
+
# @return [JSON]
|
8
|
+
# @example Checking the status of a export.
|
9
|
+
# export_status = nc.export_status( "73376c41-1508-46b7-8587-483d159cd956" )
|
10
|
+
# return true if export_status["status"] == "ready"
|
11
|
+
def token_status(export_uuid)
|
12
|
+
request.get({ path: "/tokens/#{export_uuid}/status", headers: headers })
|
13
|
+
end
|
14
|
+
|
15
|
+
# Check the download of a export request
|
16
|
+
# @param [String] export_uuid The export uuid string.
|
17
|
+
# @return [JSON] (@see #format)
|
18
|
+
# @example Download a ready export.
|
19
|
+
# export = nc.export_download( '73376c41-1508-46b7-8587-483d159cd956')
|
20
|
+
# open("scan_report", "wb") do |file|
|
21
|
+
# file.write( export )
|
22
|
+
# end
|
23
|
+
def token_download(export_uuid)
|
24
|
+
request.get({ path: "/tokens/#{export_uuid}/download", headers: headers })
|
25
|
+
end
|
26
|
+
end
|
data/lib/nessus_client.rb
CHANGED
@@ -1,53 +1,54 @@
|
|
1
|
-
#
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
2
3
|
require_relative 'nessus_client/version'
|
3
4
|
require_relative 'nessus_client/exception'
|
5
|
+
require_relative 'nessus_client/resource'
|
4
6
|
|
5
|
-
Dir[File.join(__dir__, 'modules', '*.rb')].each { |file| require file }
|
7
|
+
Dir[File.join(__dir__, 'modules', '*.rb')].sort.each { |file| require file }
|
6
8
|
|
9
|
+
# Nessus resource abstraction.
|
7
10
|
class NessusClient
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
11
|
+
# @return [NessusClient::Request] Instance HTTP request object.
|
12
|
+
# @see NessusClient::Request
|
13
|
+
attr_reader :request
|
14
|
+
# @return [Boolean] whether has a session.
|
15
|
+
attr_reader :session
|
16
|
+
# @return [Hash] Instance current HTTP headers.
|
17
|
+
attr_reader :headers
|
18
|
+
|
19
|
+
include Resource::Exports
|
20
|
+
include Resource::Folders
|
21
|
+
include Resource::Policies
|
22
|
+
include Resource::Scans
|
23
|
+
include Resource::Server
|
24
|
+
include Resource::Session
|
25
|
+
include Resource::Tokens
|
26
|
+
|
27
|
+
autoload :Request, 'nessus_client/request'
|
28
|
+
|
29
|
+
# @param [Hash] params the options to create a NessusClient with.
|
30
|
+
# @option params [String] :uri ('https://localhost:8834/') Nessus resource to connect with
|
31
|
+
# @option params [String] :username (nil) Username to use in the connection
|
32
|
+
# @option params [String] :password (nil) Password to use in the connection
|
33
|
+
# @option params [String] :ssl_verify_peer (true) Whether should check valid SSL certificate
|
34
|
+
def initialize(params = {})
|
35
|
+
default_params = {
|
36
|
+
uri: 'https://localhost:8834/',
|
37
|
+
username: nil,
|
38
|
+
password: nil,
|
39
|
+
ssl_verify_peer: true
|
40
|
+
}
|
41
|
+
params = default_params.merge(params)
|
42
|
+
req_params = params.select { |key, _value| %i[uri ssl_verify_peer].include?(key) }
|
43
|
+
|
44
|
+
@request = NessusClient::Request.new(req_params)
|
45
|
+
@headers = NessusClient::Request::DEFAULT_HEADERS.dup
|
46
|
+
set_session(params.fetch(:username), params.fetch(:password))
|
43
47
|
end
|
44
48
|
|
49
|
+
# Gets NessusClient::Session authentication status.
|
50
|
+
# @return [Boolean] whether NessusClient has successfully authenticated.
|
45
51
|
def has_session?
|
46
|
-
|
52
|
+
session
|
47
53
|
end
|
48
|
-
|
49
|
-
def status
|
50
|
-
self.request.get( "/server/status" )
|
51
|
-
end
|
52
|
-
|
53
|
-
end
|
54
|
+
end
|
@@ -1,7 +1,14 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class NessusClient
|
4
|
+
# Abstract Error class for NessusClient.
|
2
5
|
class Error < ::StandardError
|
3
|
-
|
6
|
+
# Raise a custom error namespace.
|
7
|
+
# @param [String] msg The exception message.
|
8
|
+
# @example
|
9
|
+
# NessusClient::Error.new('This is a custom error.')
|
10
|
+
def initialize(msg)
|
4
11
|
super
|
5
12
|
end
|
6
13
|
end
|
7
|
-
end
|
14
|
+
end
|
@@ -1,76 +1,108 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'excon'
|
2
|
-
require '
|
3
|
-
# require 'pry'
|
4
|
-
class NessusClient
|
4
|
+
require 'oj'
|
5
5
|
|
6
|
-
|
7
|
-
#
|
8
|
-
|
6
|
+
class NessusClient
|
7
|
+
# Abstract http request class for NessusClient.
|
8
|
+
# Provides some helper methods for perform HTTP requests.
|
9
9
|
class Request
|
10
|
-
#
|
11
|
-
attr_reader
|
10
|
+
# @return [String] The base url of the API.
|
11
|
+
attr_reader :url
|
12
12
|
|
13
|
+
# Default HTTP header to be used on the requests.
|
13
14
|
DEFAULT_HEADERS = {
|
14
|
-
|
15
|
-
|
16
|
-
}
|
15
|
+
'User-Agent' => 'NessusClient::Request - rubygems.org nessus_client',
|
16
|
+
'Content-Type' => 'application/json'
|
17
|
+
}.freeze
|
17
18
|
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
19
|
+
# @param [Hash] params the options to create a NessusClient::Request with.
|
20
|
+
# @option params [String] :uri ('https://localhost:8834/') Nessus server to connect with
|
21
|
+
# @option params [String] :ssl_verify_peer (true) Whether should check valid SSL certificate
|
22
|
+
def initialize(params = {})
|
23
|
+
params = { uri: nil }.merge(params)
|
24
|
+
@ssl_verify_peer = params[:ssl_verify_peer] ? true : false
|
25
|
+
@url = NessusClient::Request.uri_parse(params.fetch(:uri))
|
26
|
+
end
|
24
27
|
|
25
|
-
#
|
26
|
-
#
|
27
|
-
#
|
28
|
-
|
29
|
-
|
28
|
+
# Perform a HTTP GET request.
|
29
|
+
# @param [Hash] opts to use in the request.
|
30
|
+
# @option opts [String] path The URI path to perform the request.
|
31
|
+
# @option opts [String] payload The HTTP body to send.
|
32
|
+
# @option opts [String] query The URI query to send.
|
33
|
+
# @return [Hash, String] The body of the resposnse if there is any.
|
34
|
+
def get(opts = {})
|
35
|
+
http_request(opts, :get)
|
30
36
|
end
|
31
|
-
|
32
|
-
|
33
|
-
|
37
|
+
|
38
|
+
# Perform a HTTP POST request.
|
39
|
+
# @param [Hash] opts to use in the request.
|
40
|
+
# @option opts [String] path The URI path to perform the request.
|
41
|
+
# @option opts [String] payload The HTTP body to send.
|
42
|
+
# @option opts [String] query The URI query to send.
|
43
|
+
# @return [Hash, String] The body of the resposnse if there is any.
|
44
|
+
def post(opts = {})
|
45
|
+
http_request(opts, :post)
|
34
46
|
end
|
35
47
|
|
36
|
-
|
37
|
-
|
48
|
+
# Perform a HTTP PUT request.
|
49
|
+
# @param [Hash] opts to use in the request.
|
50
|
+
# @option opts [String] path The URI path to perform the request.
|
51
|
+
# @option opts [String] payload The HTTP body to send.
|
52
|
+
# @option opts [String] query The URI query to send.
|
53
|
+
# @return [Hash, String] The body of the resposnse if there is any.
|
54
|
+
def put(opts = {})
|
55
|
+
http_request(opts, :put)
|
38
56
|
end
|
39
57
|
|
40
|
-
|
41
|
-
|
58
|
+
# Perform a HTTP DELETE request.
|
59
|
+
# @param [Hash] opts to use in the request.
|
60
|
+
# @option opts [String] path The URI path to perform the request.
|
61
|
+
# @option opts [String] payload The HTTP body to send.
|
62
|
+
# @option opts [String] query The URI query to send.
|
63
|
+
# @return [Hash, String] The body of the resposnse if there is any.
|
64
|
+
def delete(opts = {})
|
65
|
+
http_request(opts, :delete)
|
42
66
|
end
|
43
67
|
|
44
|
-
|
45
|
-
|
68
|
+
# Parse a receiveid string against the URI stantard.
|
69
|
+
# @param [String] uri A string to be validate URI.
|
70
|
+
# @return [String] A string uri.
|
71
|
+
def self.uri_parse(uri)
|
72
|
+
url = URI.parse(uri)
|
46
73
|
raise URI::InvalidURIError unless url.scheme
|
47
|
-
|
74
|
+
|
75
|
+
url.to_s
|
48
76
|
end
|
49
77
|
|
50
78
|
private
|
51
79
|
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
80
|
+
# @private HTTP request abstraction to be used.
|
81
|
+
# @param [Symbol] method The HTTP method to be used on the request.
|
82
|
+
# @param [Hash] args Parameters to use in the request.
|
83
|
+
# @option args [String] path (nil) The URI path to perform the request.
|
84
|
+
# @option args [String] payload (nil) The HTTP body to send.
|
85
|
+
# @option args [String] query (nil) The URI query to send.
|
86
|
+
# @option args [String] headers (nil) The headers to send.
|
87
|
+
# @return [Hash, String] The body of the resposnse if there is any.
|
88
|
+
def http_request(args, method = :get)
|
89
|
+
opts = { path: nil, payload: nil, query: nil, headers: nil }.merge(args)
|
90
|
+
connection = Excon.new(@url, { ssl_verify_peer: @ssl_verify_peer })
|
91
|
+
body = opts[:payload] ? Oj.dump(opts[:payload], mode: :compat) : ''
|
57
92
|
options = {
|
58
93
|
method: method,
|
59
|
-
path: path,
|
94
|
+
path: opts.fetch(:path),
|
60
95
|
body: body,
|
61
|
-
query: query,
|
62
|
-
headers:
|
63
|
-
ssl_verify_peer: @@ssl_verify_peer,
|
64
|
-
#idempotent: true,
|
65
|
-
#proxy: "http://127.0.0.1:8080",
|
96
|
+
query: opts.fetch(:query),
|
97
|
+
headers: opts.fetch(:headers),
|
66
98
|
expects: [200, 201]
|
67
99
|
}
|
68
|
-
response = connection.request(
|
69
|
-
|
70
|
-
|
71
|
-
|
100
|
+
response = connection.request(options)
|
101
|
+
ret = Oj.load(response.body) # if response.body.length > 0
|
102
|
+
rescue Oj::ParseError
|
103
|
+
response.body
|
104
|
+
else
|
105
|
+
ret
|
72
106
|
end
|
73
|
-
|
74
107
|
end
|
75
|
-
|
76
108
|
end
|
metadata
CHANGED
@@ -1,11 +1,11 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: nessus_client
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Heyder
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
date: 2018-11-28 00:00:00.000000000 Z
|
@@ -14,16 +14,22 @@ dependencies:
|
|
14
14
|
name: excon
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: 0.73.0
|
17
20
|
- - "~>"
|
18
21
|
- !ruby/object:Gem::Version
|
19
|
-
version: '0.
|
22
|
+
version: '0.73'
|
20
23
|
type: :runtime
|
21
24
|
prerelease: false
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
23
26
|
requirements:
|
27
|
+
- - ">="
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: 0.73.0
|
24
30
|
- - "~>"
|
25
31
|
- !ruby/object:Gem::Version
|
26
|
-
version: '0.
|
32
|
+
version: '0.73'
|
27
33
|
- !ruby/object:Gem::Dependency
|
28
34
|
name: oj
|
29
35
|
requirement: !ruby/object:Gem::Requirement
|
@@ -39,47 +45,53 @@ dependencies:
|
|
39
45
|
- !ruby/object:Gem::Version
|
40
46
|
version: '3.7'
|
41
47
|
- !ruby/object:Gem::Dependency
|
42
|
-
name:
|
48
|
+
name: bundler
|
43
49
|
requirement: !ruby/object:Gem::Requirement
|
44
50
|
requirements:
|
45
51
|
- - "~>"
|
46
52
|
- !ruby/object:Gem::Version
|
47
|
-
version: '
|
48
|
-
type: :
|
53
|
+
version: '1.12'
|
54
|
+
type: :development
|
49
55
|
prerelease: false
|
50
56
|
version_requirements: !ruby/object:Gem::Requirement
|
51
57
|
requirements:
|
52
58
|
- - "~>"
|
53
59
|
- !ruby/object:Gem::Version
|
54
|
-
version: '
|
60
|
+
version: '1.12'
|
55
61
|
- !ruby/object:Gem::Dependency
|
56
|
-
name:
|
62
|
+
name: codecov
|
57
63
|
requirement: !ruby/object:Gem::Requirement
|
58
64
|
requirements:
|
59
65
|
- - "~>"
|
60
66
|
- !ruby/object:Gem::Version
|
61
|
-
version:
|
67
|
+
version: 0.1.14
|
62
68
|
type: :development
|
63
69
|
prerelease: false
|
64
70
|
version_requirements: !ruby/object:Gem::Requirement
|
65
71
|
requirements:
|
66
72
|
- - "~>"
|
67
73
|
- !ruby/object:Gem::Version
|
68
|
-
version:
|
74
|
+
version: 0.1.14
|
69
75
|
- !ruby/object:Gem::Dependency
|
70
|
-
name:
|
76
|
+
name: nokogiri
|
71
77
|
requirement: !ruby/object:Gem::Requirement
|
72
78
|
requirements:
|
79
|
+
- - ">="
|
80
|
+
- !ruby/object:Gem::Version
|
81
|
+
version: 1.8.5
|
73
82
|
- - "~>"
|
74
83
|
- !ruby/object:Gem::Version
|
75
|
-
version:
|
84
|
+
version: 1.10.10
|
76
85
|
type: :development
|
77
86
|
prerelease: false
|
78
87
|
version_requirements: !ruby/object:Gem::Requirement
|
79
88
|
requirements:
|
89
|
+
- - ">="
|
90
|
+
- !ruby/object:Gem::Version
|
91
|
+
version: 1.8.5
|
80
92
|
- - "~>"
|
81
93
|
- !ruby/object:Gem::Version
|
82
|
-
version:
|
94
|
+
version: 1.10.10
|
83
95
|
- !ruby/object:Gem::Dependency
|
84
96
|
name: pry
|
85
97
|
requirement: !ruby/object:Gem::Requirement
|
@@ -94,6 +106,40 @@ dependencies:
|
|
94
106
|
- - "~>"
|
95
107
|
- !ruby/object:Gem::Version
|
96
108
|
version: 0.12.2
|
109
|
+
- !ruby/object:Gem::Dependency
|
110
|
+
name: regexp-examples
|
111
|
+
requirement: !ruby/object:Gem::Requirement
|
112
|
+
requirements:
|
113
|
+
- - ">="
|
114
|
+
- !ruby/object:Gem::Version
|
115
|
+
version: 1.5.0
|
116
|
+
- - "~>"
|
117
|
+
- !ruby/object:Gem::Version
|
118
|
+
version: '1.5'
|
119
|
+
type: :development
|
120
|
+
prerelease: false
|
121
|
+
version_requirements: !ruby/object:Gem::Requirement
|
122
|
+
requirements:
|
123
|
+
- - ">="
|
124
|
+
- !ruby/object:Gem::Version
|
125
|
+
version: 1.5.0
|
126
|
+
- - "~>"
|
127
|
+
- !ruby/object:Gem::Version
|
128
|
+
version: '1.5'
|
129
|
+
- !ruby/object:Gem::Dependency
|
130
|
+
name: rspec
|
131
|
+
requirement: !ruby/object:Gem::Requirement
|
132
|
+
requirements:
|
133
|
+
- - "~>"
|
134
|
+
- !ruby/object:Gem::Version
|
135
|
+
version: '3.2'
|
136
|
+
type: :development
|
137
|
+
prerelease: false
|
138
|
+
version_requirements: !ruby/object:Gem::Requirement
|
139
|
+
requirements:
|
140
|
+
- - "~>"
|
141
|
+
- !ruby/object:Gem::Version
|
142
|
+
version: '3.2'
|
97
143
|
- !ruby/object:Gem::Dependency
|
98
144
|
name: simplecov
|
99
145
|
requirement: !ruby/object:Gem::Requirement
|
@@ -108,31 +154,59 @@ dependencies:
|
|
108
154
|
- - "~>"
|
109
155
|
- !ruby/object:Gem::Version
|
110
156
|
version: 0.17.0
|
111
|
-
|
157
|
+
- !ruby/object:Gem::Dependency
|
158
|
+
name: yard
|
159
|
+
requirement: !ruby/object:Gem::Requirement
|
160
|
+
requirements:
|
161
|
+
- - "~>"
|
162
|
+
- !ruby/object:Gem::Version
|
163
|
+
version: '0.9'
|
164
|
+
- - ">="
|
165
|
+
- !ruby/object:Gem::Version
|
166
|
+
version: 0.9.20
|
167
|
+
type: :development
|
168
|
+
prerelease: false
|
169
|
+
version_requirements: !ruby/object:Gem::Requirement
|
170
|
+
requirements:
|
171
|
+
- - "~>"
|
172
|
+
- !ruby/object:Gem::Version
|
173
|
+
version: '0.9'
|
174
|
+
- - ">="
|
175
|
+
- !ruby/object:Gem::Version
|
176
|
+
version: 0.9.20
|
177
|
+
description: "\n Usable, fast, simple Ruby gem for Tenable Nessus Pro from v7.0.1
|
178
|
+
to v8.3.1.\n NessusClient was designed to be simple, fast and performant through
|
179
|
+
communication with Nessus\n over REST interface.\n "
|
112
180
|
email: eu@heyderandrade.org
|
113
181
|
executables: []
|
114
182
|
extensions: []
|
115
183
|
extra_rdoc_files:
|
116
184
|
- README.md
|
117
185
|
- CONTRIBUTING.md
|
186
|
+
- CODE_OF_CONDUCT.md
|
118
187
|
files:
|
188
|
+
- CODE_OF_CONDUCT.md
|
119
189
|
- CONTRIBUTING.md
|
120
190
|
- README.md
|
121
191
|
- lib/modules/exports.rb
|
122
192
|
- lib/modules/folders.rb
|
123
193
|
- lib/modules/policies.rb
|
124
194
|
- lib/modules/scans.rb
|
195
|
+
- lib/modules/server.rb
|
196
|
+
- lib/modules/session.rb
|
197
|
+
- lib/modules/tokens.rb
|
125
198
|
- lib/nessus_client.rb
|
126
199
|
- lib/nessus_client/exception.rb
|
127
200
|
- lib/nessus_client/request.rb
|
128
|
-
- lib/nessus_client/
|
201
|
+
- lib/nessus_client/resource.rb
|
129
202
|
- lib/nessus_client/version.rb
|
130
|
-
homepage: https://
|
203
|
+
homepage: https://github.com/heyder/nessus_client
|
131
204
|
licenses:
|
132
205
|
- MIT
|
133
206
|
metadata:
|
207
|
+
documentation_uri: https://rubydoc.info/github/heyder/nessus_client/
|
134
208
|
source_code_uri: https://github.com/heyder/nessus_client
|
135
|
-
post_install_message:
|
209
|
+
post_install_message:
|
136
210
|
rdoc_options: []
|
137
211
|
require_paths:
|
138
212
|
- lib
|
@@ -147,8 +221,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
147
221
|
- !ruby/object:Gem::Version
|
148
222
|
version: '0'
|
149
223
|
requirements: []
|
150
|
-
rubygems_version: 3.0.
|
151
|
-
signing_key:
|
224
|
+
rubygems_version: 3.0.6
|
225
|
+
signing_key:
|
152
226
|
specification_version: 4
|
153
|
-
summary: Ruby
|
227
|
+
summary: Usable, fast, simple Ruby gem for Tenable Nessus Pro from v7.0.1 to v8.3.1.
|
154
228
|
test_files: []
|
@@ -1,56 +0,0 @@
|
|
1
|
-
require 'oj'
|
2
|
-
require_relative 'request'
|
3
|
-
require_relative 'exception'
|
4
|
-
|
5
|
-
class NessusClient
|
6
|
-
|
7
|
-
# This class should be used to get an access token
|
8
|
-
# for use with the main client class.
|
9
|
-
class Session
|
10
|
-
attr_reader :token, :api_token
|
11
|
-
|
12
|
-
@token = @api_token = nil
|
13
|
-
|
14
|
-
# @param [String] username
|
15
|
-
# @param [String] password
|
16
|
-
def self.create( username, password )
|
17
|
-
|
18
|
-
payload = {
|
19
|
-
username: username,
|
20
|
-
password: password,
|
21
|
-
}
|
22
|
-
|
23
|
-
response = NessusClient::Request.post( '/session', payload )
|
24
|
-
response = Oj.load(response) if response.length > 0
|
25
|
-
|
26
|
-
if response['token']
|
27
|
-
return self.new( response['token'] )
|
28
|
-
else
|
29
|
-
raise NessusClient::Error.new "#{__method__}::Response did not include a session token."
|
30
|
-
end
|
31
|
-
|
32
|
-
end
|
33
|
-
|
34
|
-
def initialize( token )
|
35
|
-
@token = token
|
36
|
-
end
|
37
|
-
|
38
|
-
def set_api_token
|
39
|
-
response = NessusClient::Request.get( "/nessus6.js" )
|
40
|
-
response.match( %r{return"(\w{8}-(?:\w{4}-){3}\w{12})"\}} )
|
41
|
-
|
42
|
-
raise NessusClient::Error.new( "Unable to get API Token. Some features won't work." ) unless $1#.nil?
|
43
|
-
|
44
|
-
@api_token = $1
|
45
|
-
|
46
|
-
end
|
47
|
-
|
48
|
-
def destroy
|
49
|
-
NessusClient::Request.delete( '/session', nil )
|
50
|
-
@token = nil
|
51
|
-
end
|
52
|
-
alias_method :logout , :destroy
|
53
|
-
|
54
|
-
end
|
55
|
-
|
56
|
-
end
|