nessus_client 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 1dda4cc05fbcee8eac14f8469f106944fa356ec74ecb31e3623c13338ec175f9
+  data.tar.gz: db9270a96eb7866357754b65e1d3e17c0c67d9fdc98e5d507104a44fee49ef31
+SHA512:
+  metadata.gz: d8c172bec3e3039644a3352dfa279e3799153351936b3d4b9ac86d90e87a31d9d151480e34ef7eb742258b77fdeb28066224216c07ae5a2cf31c9fb5771f8e8b
+  data.tar.gz: 74dff229a778e97680bde8f690c845e84767b3da1847459577a377d2cfea2febc35f53c8fd1aac1befce5138c450cc7092c3b71d5f35cd840edd516dd4012461

data/README.md

@@ -0,0 +1,39 @@
+NessusApi
+=========
+**Ruby wrapper for Nessus API**
+
+  * [Source Code]
+  * [API documentation]
+  * [Changelog]
+  * [Rubygem]
+
+
+Ruby wrapper for Nessus API (all verions)
+
+## Contact
+
+*Code and Bug Reports*
+
+* [Issue Tracker](https://github.com/heyder/nessus_client/issues)
+* See [CONTRIBUTING](https://github.com/heyder/nessus_client/blob/master/CONTRIBUTING.md) for how to contribute along
+with some common problems to check out before creating an issue.
+
+
+Getting started
+---------------
+
+
+
+
+## Code of Conduct
+
+Everyone participating in this project's development, issue trackers and other channels is expected to follow our
+[Code of Conduct](./CODE_OF_CONDUCT.md)
+
+## Contributing
+
+See the [contributing guide](https://github.com/heyder/nessus_client/blob/master/CONTRIBUTING.md).
+
+## Copyright
+
+Copyright (c) 2016-2019 Heyder Andrade. See MIT-LICENSE for details.

data/lib/modules/exports.rb

@@ -0,0 +1,15 @@
+# require_relative '../nessus_client/request'
+
+module NessusClient::Exports
+ # export scans
+  def export_request( scan_id, format )
+    params = {:format => format }
+    self.request.post("/scans/#{scan_id}/export", params)
+  end
+  def export_status( export_id )
+    self.request.get("/tokens/#{export_id}/status")
+  end
+  def export_download( export_id )
+    self.request.get("/tokens/#{export_id}/download")
+  end
+end

data/lib/modules/folders.rb

@@ -0,0 +1,12 @@
+# require_relative '../nessus_client/request'
+
+module NessusClient::Folders
+# folders
+  def list_folders
+    self.request.get("/folders")
+  end
+  def create_folder( folder_name )
+    params = {:name => folder_name }.to_json
+    self.request.post("/folders", params)
+  end
+end

data/lib/modules/policies.rb

@@ -0,0 +1,7 @@
+# require_relative '../nessus_client/request'
+
+module NessusClient::Policies
+  def policies
+    self.request.get( "/policies" )
+  end
+end

data/lib/modules/scans.rb

@@ -0,0 +1,27 @@
+
+module NessusClient::Scans
+
+  def list_scans( folder_id=nil )
+    query = folder_id.nil? ? nil : { "folder_id" => folder_id }
+    self.request.get( "/scans", nil, query )
+  end
+  alias_method :scans, :list_scans 
+
+  def scan_details( scan_id, history_id=nil )
+    query = history_id.nil? ? nil : { "history_id" => history_id }
+    self.request.get( "/scans/#{scan_id}", nil, query )
+  end
+
+  def launch_by_name( scan_name, targets=[] )
+    scan_id = get_scan_by_name( scan_name )
+    params = { :alt_targets => targets } unless targets.empty?
+    self.request.post( "/scans/#{scan_id}/launch", params )
+  end
+
+  def get_scan_by_name( folder_id=nil, name )
+    Oj.load(list_scans( folder_id ))["scans"].each do |scan|
+      return scan['id'] if scan['name'] == name
+    end
+  end
+  
+end

data/lib/nessus_client.rb

@@ -0,0 +1,53 @@
+# require 'pry'
+require_relative 'nessus_client/version'
+require_relative 'nessus_client/exception'
+
+Dir[File.join(__dir__, 'modules', '*.rb')].each { |file| require file }
+
+class NessusClient
+
+  attr_reader :request, :session
+  
+  include NessusClient::Scans
+  include NessusClient::Exports
+  include NessusClient::Folders
+  include NessusClient::Policies
+
+  autoload :Request, "nessus_client/request"
+  autoload :Session, "nessus_client/session"
+
+  def initialize( params={uri: nil, username: nil, password: nil, :ssl_verify_peer => false} )
+    @has_session = false
+    req_params = params.select {|key, value| [:uri, :ssl_verify_peer].include?(key) } 
+    # session_params = params.select {|key, value| [:username, :password].include?(key) } 
+
+    @request = NessusClient::Request.new( req_params )
+    @session = NessusClient::Session.create( params.fetch(:username), params.fetch(:password) )
+    
+    if @session.token
+      begin
+        @has_session = true
+        # NessusClient::Request.headers.update( 'X-Cookie' => 'token=' + api_session.token )
+        @request.headers.update( 'X-Cookie' => 'token=' + @session.token )
+        @session.set_api_token
+      rescue NessusClient::Error => err
+        puts err.message
+      else
+        request.headers.update( 'X-API-Token' => @session.api_token )
+      ensure
+        return
+      end
+
+    end
+
+  end
+
+  def has_session?
+    @has_session
+  end
+
+  def status
+    self.request.get( "/server/status" )
+  end
+
+end

data/lib/nessus_client/exception.rb

@@ -0,0 +1,7 @@
+class NessusClient
+  class Error < ::StandardError
+    def initialize(msg="message")
+      super
+    end
+  end
+end

data/lib/nessus_client/request.rb

@@ -0,0 +1,76 @@
+require 'excon'
+require 'json'
+# require 'pry'
+class NessusClient
+
+  # Excon.defaults[:ssl_verify_peer] = false
+  # This class should be used to in all requests classes
+  
+  class Request
+    # attr_accessor :headers
+    attr_reader   :url, :headers
+
+    DEFAULT_HEADERS = {
+      "User-Agent" => "Mozilla/5.0 (Linux x86_64)",
+      "Content-Type" => "application/json"
+    }
+
+    def initialize( params )
+      params = {:uri => nil, :ssl_verify_peer => false, :headers => {} }.merge( params )
+      @@ssl_verify_peer = params.fetch(:ssl_verify_peer)
+      @url = @@url = NessusClient::Request.uri_parse( params.fetch(:uri) )
+      @headers = params.fetch( :headers ).merge( DEFAULT_HEADERS )
+    end 
+
+    # def self.headers
+    #   @@headers
+    # end
+    def headers=(value)
+      raise NotImplementedError.new("Use update from Hash insted.")
+    end
+ 
+    def get( path=nil, payload=nil, query=nil )
+      http_request( :get, path, payload, query )
+    end
+
+    def post( path=nil, payload=nil, query=nil )
+      http_request( :post, path, payload, query )
+    end
+
+    def delete( path=nil, payload=nil, query=nil )
+      http_request( :delete, path, payload, query )
+    end
+
+    def self.uri_parse( uri )
+      url = URI.parse( uri )
+      raise URI::InvalidURIError unless url.scheme
+      return url.to_s
+    end
+
+    private
+
+    def http_request( method=:get, path, payload, query )
+      # binding.pry
+      connection = Excon.new( @@url )
+      
+      body = payload ? payload.to_json : ''
+      options = {
+        method: method,
+        path: path,
+        body: body,
+        query: query,
+        headers: @headers,
+        ssl_verify_peer: @@ssl_verify_peer,
+        #idempotent: true,
+        #proxy: "http://127.0.0.1:8080",
+        expects: [200, 201]
+      }
+      response = connection.request( options )
+    
+      return response.body if response.body.length > 0
+
+    end
+
+  end
+  
+end

data/lib/nessus_client/session.rb

@@ -0,0 +1,56 @@
+require 'oj'
+require_relative 'request'
+require_relative 'exception'
+
+class NessusClient
+
+  # This class should be used to get an access token
+  # for use with the main client class.
+  class Session
+    attr_reader :token, :api_token
+
+    @token = @api_token  = nil
+
+    # @param [String] username
+    # @param [String] password
+    def self.create( username, password )
+      
+      payload = {
+        username: username,
+        password: password,
+      }
+
+      response = NessusClient::Request.post( '/session', payload )
+      response = Oj.load(response) if response.length > 0
+
+      if response['token']
+         return self.new( response['token'] )
+      else
+        raise NessusClient::Error.new "#{__method__}::Response did not include a session token."
+      end
+
+    end
+
+    def initialize( token )      
+      @token = token
+    end
+
+    def set_api_token
+      response = NessusClient::Request.get( "/nessus6.js" )
+      response.match( %r{return"(\w{8}-(?:\w{4}-){3}\w{12})"\}} )
+      
+      raise NessusClient::Error.new( "Unable to get API Token. Some features won't work." ) unless $1#.nil?
+      
+      @api_token = $1 
+      
+    end
+
+    def destroy
+      NessusClient::Request.delete( '/session', nil )
+      @token = nil
+    end
+    alias_method :logout , :destroy
+
+  end
+
+end

data/lib/nessus_client/version.rb

@@ -0,0 +1,3 @@
+class NessusClient
+  VERSION = '0.1.0'
+end

metadata

@@ -0,0 +1,154 @@
+--- !ruby/object:Gem::Specification
+name: nessus_client
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Heyder
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-11-28 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: excon
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.62'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.62'
+- !ruby/object:Gem::Dependency
+  name: oj
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.7'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.7'
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.12'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.12'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.12.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.12.2
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.17.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.17.0
+description: Ruby wrapper for Nessus API (all verions)
+email: eu@heyderandrade.org
+executables: []
+extensions: []
+extra_rdoc_files:
+- README.md
+- CONTRIBUTING.md
+files:
+- CONTRIBUTING.md
+- README.md
+- lib/modules/exports.rb
+- lib/modules/folders.rb
+- lib/modules/policies.rb
+- lib/modules/scans.rb
+- lib/nessus_client.rb
+- lib/nessus_client/exception.rb
+- lib/nessus_client/request.rb
+- lib/nessus_client/session.rb
+- lib/nessus_client/version.rb
+homepage: https://rubygemspec.org/gems/nessus_client
+licenses:
+- MIT
+metadata:
+  source_code_uri: https://github.com/heyder/nessus_client
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.5.1
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key: 
+specification_version: 4
+summary: Ruby wrapper for Nessus API
+test_files: []