nessus_rest 0.1.3 → 0.1.4

data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.1.3
1
+ 0.1.4
@@ -2,22 +2,22 @@
2
2
 
3
3
  require 'nessus_rest'
4
4
 
5
- n=NessusREST::Client.new ({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
5
+ n=NessusREST::Client.new({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
6
6
 
7
7
  formats=["nessus","csv","html"]
8
8
  folders_id=Hash.new
9
9
 
10
10
  sl["folders"].each do |f|
11
- folders_id[f['id']]=f['name']
11
+ folders_id[f['id']]=f['name']
12
12
  end
13
13
 
14
14
  sl["scans"].each do |s|
15
- puts "backing up: "+s["name"]+":"+s["uuid"].to_s
16
- formats.each do |format|
17
- # fn = folder__name__scanid.format
18
- outputfn=folders_id[s['folder_id']]+'__'+s['name']+'__'+s['id'].to_s+'.'+format
19
- puts "-> Format: #{format"} Filename: #{outputfn}"
20
- n.report_download_file(s['id'],format,outputfn)
21
- end
22
- end
15
+ puts "backing up: "+s["name"]+":"+s["uuid"].to_s
16
+ formats.each do |format|
17
+ # fn = folder__name__scanid.format
18
+ outputfn=folders_id[s['folder_id']]+'__'+s['name']+'__'+s['id'].to_s+'.'+format
19
+ puts "-> Format: #{format} Filename: #{outputfn}"
20
+ n.report_download_file(s['id'],format,outputfn)
21
+ end # formats
22
+ end # scans
23
23
 
@@ -0,0 +1,22 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require 'nessus_rest'
4
+
5
+ subnets_to_scan=[
6
+ {:name=>'lan1', :targets=>'192.168.1.0/24'},
7
+ {:name=>'lan2', :targets=>'10.1.1.0/24'}
8
+ ]
9
+
10
+ n=NessusREST::Client.new(:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
11
+
12
+ subnets_to_scan.each do |subnet|
13
+ scanname='myscan-'+subnet[:name]
14
+ puts "Scanning: "+scanname
15
+ # you have to specify your own scan policy instead of ping-safe
16
+ qs=n.scan_quick_policy('ping-safe',scanname,subnet[:targets])
17
+ scanid=qs['scan']['id']
18
+ puts "Waiting to finish"
19
+ n.scan_wait4finish(scanid)
20
+ n.report_download_file(scanid,'nessus',scanname+'.nessus')
21
+ end
22
+
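Review bot: The `outputfn=` line in the backup example hunk (`@@ -2,22 +2,22 @@`) builds the output path from `folders_id[s['folder_id']]` and `s['name']` and hands it unchanged to `n.report_download_file`. Both values come from `sl`, which is defined outside the hunk and is presumably the scan list returned by the Nessus server. Assuming the call writes to the given path, a folder or scan name containing `/` or `..` would place the file outside the working directory, and a `folder_id` missing from `folders_id` makes the `+` raise on nil. Build the name from sanitised parts instead, for example `outputfn=[folders_id[s['folder_id']],s['name'],s['id']].join('__').gsub(/[^\w.-]/,'_')+'.'+format`.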
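--- a/data/examples/simple.rb
+++ b/data/examples/simple.rb
@@ -2,7 +2,7 @@
 
  require 'nessus_rest'
 
- n=NessusREST::Client.new ({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
+ n=NessusREST::Client.new({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
  qs=n.scan_quick_template('basic','name-of-scan','localhost')
  scanid=qs['scan']['id']
  n.scan_wait4finish(scanid)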
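--- a/data/lib/nessus_rest.rb
+++ b/data/lib/nessus_rest.rb
@@ -122,10 +122,29 @@ module NessusREST
  def authenticate(username, password)
  @username = username
  @password = password
+ authdefault
+ end
+ alias_method :login, :authenticate
+
+ # Tries to authenticate to the Nessus REST JSON interface
+ #
+ # returns: true if logged in, false if not
+ #
+ # Usage:
+ #
+ # n=NessusREST::Client.new (:url=>'https://localhost:8834', :autologin=>false,
+ # :username=>'nessususer', :password=>'nessuspassword')
+ # if n.authdefault
+ # puts "Logged in"
+ # else
+ # puts "Error"
+ # end
+ def authdefault
  payload = {
- :username => @username,
- :password => @password,
- :json => 1
+ :username => @username,
+ :password => @password,
+ :json => 1,
+ :authenticationmethod => true
  }
  res = http_post(:uri=>"/session", :data=>payload)
  if res['token']
@@ -136,7 +155,6 @@ module NessusREST
  false
  end
  end
- alias_method :login, :authenticate
 
  # checks if we're logged in correctly
  #
@@ -586,6 +604,17 @@ module NessusREST
  # res = n.http_put(:uri=>"/users/#{user_id}/chpasswd", :data=>payload, :fields=>n.x_cookie)
  # puts res.code
  def http_put(opts={})
+ ret=http_put_low(opts)
+ if ret.is_a?(Hash) and ret.has_key?('error') and ret['error']=='Invalid Credentials' then
+ authdefault
+ ret=http_put_low(opts)
+ return ret
+ else
+ return ret
+ end
+ end
+
+ def http_put_low(opts={})
  uri = opts[:uri]
  data = opts[:data]
  fields = opts[:fields] || {}
@@ -625,6 +654,17 @@ module NessusREST
  # res = n.http_delete(:uri=>"/session", :fields=>n.x_cookie)
  # puts res.code
  def http_delete(opts={})
+ ret=http_delete_low(opts)
+ if ret.is_a?(Hash) and ret.has_key?('error') and ret['error']=='Invalid Credentials' then
+ authdefault
+ ret=http_delete_low(opts)
+ return ret
+ else
+ return ret
+ end
+ end
+
+ def http_delete_low(opts={})
  uri = opts[:uri]
  fields = opts[:fields] || {}
  res = nil
@@ -662,6 +702,22 @@ module NessusREST
  # n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
  # pp n.http_get(:uri=>"/users", :fields=>n.x_cookie)
  def http_get(opts={})
+ raw_content = opts[:raw_content] || false
+ ret=http_get_low(opts)
+ if !raw_content then
+ if ret.is_a?(Hash) and ret.has_key?('error') and ret['error']=='Invalid Credentials' then
+ authdefault
+ ret=http_get_low(opts)
+ return ret
+ else
+ return ret
+ end
+ else
+ return ret
+ end
+ end
+
+ def http_get_low(opts={})
  uri = opts[:uri]
  fields = opts[:fields] || {}
  raw_content = opts[:raw_content] || false
@@ -702,6 +758,24 @@ module NessusREST
  # n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
  # pp n.http_post(:uri=>"/scans/#{scan_id}/launch", :fields=>n.x_cookie)
  def http_post(opts={})
+ if opts.has_key?(:authenticationmethod) then
+ # i know authzmethod = opts.delete(:authorizationmethod) is short, but not readable
+ authzmethod = opts[:authenticationmethod]
+ opts.delete(:authenticationmethod)
+ end
+ ret=http_post_low(opts)
+ if ret.is_a?(Hash) and ret.has_key?('error') and ret['error']=='Invalid Credentials' then
+ if not authzmethod
+ authdefault
+ ret=http_post_low(opts)
+ return ret
+ end
+ else
+ return ret
+ end
+ end
+
+ def http_post_low(opts={})
  uri = opts[:uri]
  data = opts[:data]
  fields = opts[:fields] || {}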
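Review bot: The `:authenticationmethod => true` marker added in `authdefault` sits inside `payload`, which is passed as `:data`, while the new `http_post` wrapper checks `opts.has_key?(:authenticationmethod)` on the top-level options, so the guard never sees it. If the server answers a rejected login with the `'Invalid Credentials'` error the wrappers match on, `http_post` would call `authdefault` again without bound, repeating login attempts against the account; the marker is presumably also sent to the server as a login field. Even with the marker in the right place, the `if not authzmethod` branch has no else, so `http_post` returns nil and `res['token']` in `authdefault` raises instead of returning false. Pass the marker as an option, `http_post(:uri=>"/session", :data=>payload, :authenticationmethod=>true)`, drop it from `payload`, and have the wrapper retry at most once and return `ret` on every path. `authdefault`'s body continues outside the hunks.

```ruby
def http_post(opts={})
  # login requests set this marker so a rejected login is never retried
  authzmethod = opts.delete(:authenticationmethod)
  ret = http_post_low(opts)
  if !authzmethod && ret.is_a?(Hash) && ret['error'] == 'Invalid Credentials'
    authdefault
    ret = http_post_low(opts)
  end
  ret
end
```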
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nessus_rest
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.4
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2016-08-27 00:00:00.000000000 Z
12
+ date: 2016-08-31 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: bundler
@@ -92,6 +92,7 @@ files:
92
92
  - Rakefile
93
93
  - VERSION
94
94
  - examples/backup-reports.rb
95
+ - examples/serial-scan.rb
95
96
  - examples/simple.rb
96
97
  - lib/nessus_rest.rb
97
98
  - nessus_rest.gemspec