nexpose-magic 0.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/README +26 -0
- data/bin/nexmagic.rb +92 -0
- data/lib/nexpose-magic.rb +69 -0
- data/nexposemagic.rspec +44 -0
- metadata +75 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 46316b96692e942e08a24d91c67939017fbb9d8d
|
4
|
+
data.tar.gz: ce6dcd7e2d17e5a8d0a52c9ddc1905a0261cd427
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 16b266ea56fae5da2e3e854fa897e306641aceff2ae4d81c371683d248085c833e22c659598c189a45d78a14f2379fb43ab3277175d11800502067ca06e3b0ac
|
7
|
+
data.tar.gz: f08095961f428ce5ba66a8d19f75eb6f0573ff7becb3a26489abe95f1c4a10840fc566721ef6311b7737e3217ee79d4de3fe4d0c79edd5dd231260830863d323
|
data/README
ADDED
@@ -0,0 +1,26 @@
|
|
1
|
+
Nexpose Magic is a project created by Matthew Spah to help Nexpose Admins pull information from their consoles on the command line.
|
2
|
+
|
3
|
+
It is currently in alpha stage and should only be used for testing purposes.
|
4
|
+
|
5
|
+
Required files:
|
6
|
+
nexpose-magic.rb
|
7
|
+
nexmagic.rb
|
8
|
+
|
9
|
+
Nexpose Magic uses the arugments supplied by -u, -p, and -i to make the connection the the nexpose console
|
10
|
+
|
11
|
+
To display information about a specific scan engine:
|
12
|
+
- nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -e [--engine] <engine ID>
|
13
|
+
|
14
|
+
To display nexpose site information:
|
15
|
+
- nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -t [--site] <site ID>
|
16
|
+
|
17
|
+
To display scans that are currently running on your nexpose console:
|
18
|
+
- nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -v [--vscans]
|
19
|
+
|
20
|
+
To display a table list of either all sites or engines present on a console:
|
21
|
+
- nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -l [--list] <scans | engines>
|
22
|
+
|
23
|
+
To display command line help:
|
24
|
+
- nexmagic.rb -h
|
25
|
+
|
26
|
+
|
data/bin/nexmagic.rb
ADDED
@@ -0,0 +1,92 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
require 'nexpose-magic'
|
3
|
+
require 'optparse'
|
4
|
+
require 'nexpose'
|
5
|
+
require 'table_print'
|
6
|
+
include Nexpose
|
7
|
+
|
8
|
+
options = {}
|
9
|
+
|
10
|
+
OptionParser.new do |opts|
|
11
|
+
opts.banner = "Usage: nexpose-magic.rb -c [console] [options]"
|
12
|
+
|
13
|
+
opts.separator ""
|
14
|
+
opts.separator "Specific options:"
|
15
|
+
|
16
|
+
opts.on('-i', "--ip <IP ADDRESS>", "Nexpose Console IP") do |i|
|
17
|
+
options[:ip] = i
|
18
|
+
end
|
19
|
+
|
20
|
+
opts.on('-u', "--user <User>", "Nexpose Console User") do |u|
|
21
|
+
options[:user] = u
|
22
|
+
end
|
23
|
+
|
24
|
+
opts.on('-p', "--password <Password>", "Nexpose Console Password") do |p|
|
25
|
+
options[:password] = p
|
26
|
+
end
|
27
|
+
|
28
|
+
opts.on('-t', "--port <Port Number>", "Nexpose Port Number") do |t|
|
29
|
+
options[:port] = t
|
30
|
+
end
|
31
|
+
|
32
|
+
opts.on("-e", "--engine <Engine ID>", "Display Scan Engine Information") do |e|
|
33
|
+
options[:scan_engine] = e
|
34
|
+
end
|
35
|
+
|
36
|
+
opts.on("-s", "--site <site ID>", "Display Site Information") do |s|
|
37
|
+
options[:site] = s
|
38
|
+
end
|
39
|
+
|
40
|
+
opts.on("-v", "--vscans", "Display currently running Nexpose vulnerability scans") do |v|
|
41
|
+
options[:scans] = v
|
42
|
+
end
|
43
|
+
|
44
|
+
opts.on("-l", "--list [sites] [engines]", "Display tabled list of all Nexpose Sites, or Scan Engines present on a console") do |l|
|
45
|
+
options[:list] = l
|
46
|
+
end
|
47
|
+
|
48
|
+
opts.on_tail("-h", "--help", "Show help message") do
|
49
|
+
puts opts
|
50
|
+
exit
|
51
|
+
end
|
52
|
+
end.parse!
|
53
|
+
|
54
|
+
begin
|
55
|
+
nsc = Connection.new(options[:ip], options[:user], options[:password]) if options[:port].nil?
|
56
|
+
nsc = Connection.new(options[:ip], options[:user], options[:password], port = options[:port]) if options[:port]
|
57
|
+
nsc.login
|
58
|
+
rescue => e
|
59
|
+
raise e
|
60
|
+
end
|
61
|
+
|
62
|
+
nexpose = NexposeMagic.new
|
63
|
+
|
64
|
+
if not options[:scan_engine].nil?
|
65
|
+
nexpose.engine = Engine.load(nsc, options[:scan_engine])
|
66
|
+
nexpose.populate_engine.each { |x| puts x }
|
67
|
+
|
68
|
+
elsif not options[:site].nil?
|
69
|
+
nexpose.site = Site.load(nsc, options[:site])
|
70
|
+
nexpose.populate_site.each {|x| puts x }
|
71
|
+
|
72
|
+
elsif not options[:list].nil?
|
73
|
+
case options[:list]
|
74
|
+
when "engines"
|
75
|
+
nexpose.engines = nsc.list_engines
|
76
|
+
nexpose.list_engines
|
77
|
+
when "sites"
|
78
|
+
nexpose.sites = nsc.list_sites
|
79
|
+
nexpose.list_sites
|
80
|
+
else
|
81
|
+
puts "You gave an invalid list argument"
|
82
|
+
end
|
83
|
+
|
84
|
+
elsif not options[:scans].nil?
|
85
|
+
nexpose.scans = nsc.scan_activity
|
86
|
+
nexpose.populate_scans.each { |x| puts x }
|
87
|
+
end
|
88
|
+
|
89
|
+
nsc.logout
|
90
|
+
|
91
|
+
|
92
|
+
|
@@ -0,0 +1,69 @@
|
|
1
|
+
|
2
|
+
class NexposeMagic
|
3
|
+
|
4
|
+
attr_accessor :engine, :site, :scans, :sites, :engines
|
5
|
+
|
6
|
+
def initialize(engine=nil, site=nil, scans=nil, list_sites=nil, list_engines=nil)
|
7
|
+
@engine = engine
|
8
|
+
@site = site
|
9
|
+
@scans = scans
|
10
|
+
@list_sites = list_sites
|
11
|
+
@list_engines = list_engines
|
12
|
+
end
|
13
|
+
|
14
|
+
def populate_site
|
15
|
+
@assets = convert_ip_range(@site.assets)
|
16
|
+
@siteinfo = [ "Site Name: #{@site.name}",
|
17
|
+
"Site Engine ID: #{@site.engine}",
|
18
|
+
"Site Scan Template: #{@site.scan_template_name}",
|
19
|
+
"Site Assets: " ]
|
20
|
+
@assets.each { |asset| @siteinfo << "#{asset}" }
|
21
|
+
@siteinfo
|
22
|
+
end
|
23
|
+
|
24
|
+
def populate_engine
|
25
|
+
@engineinfo = [ "Engine Name: #{@engine.name}",
|
26
|
+
"Engine Address: #{@engine.address}",
|
27
|
+
"Engine ID: #{@engine.id}",
|
28
|
+
"Engine Sites: " ]
|
29
|
+
@engine.sites.each { |x| @engineinfo << "Site ID: #{x.id} Site Name: #{x.name}" }
|
30
|
+
@engineinfo
|
31
|
+
end
|
32
|
+
|
33
|
+
def convert_ip_range(assets)
|
34
|
+
ips = []
|
35
|
+
assets.each do |asset|
|
36
|
+
unless asset.to
|
37
|
+
ips << asset.from
|
38
|
+
else
|
39
|
+
ips << asset.from + "-" + asset.to
|
40
|
+
end
|
41
|
+
end
|
42
|
+
ips
|
43
|
+
end
|
44
|
+
|
45
|
+
def populate_scans
|
46
|
+
return ["No scans currently running"] if @scans.empty?
|
47
|
+
|
48
|
+
@scaninfo = [ "Scans currently runnning"]
|
49
|
+
@scans.each do |x|
|
50
|
+
@scaninfo << "Scan ID: #{x.scan_id}"
|
51
|
+
@scaninfo << "Site ID: #{x.site_id}"
|
52
|
+
@scaninfo << "Status: #{x.status}"
|
53
|
+
@scaninfo << "Engine ID: #{x.engine_id}"
|
54
|
+
@scaninfo << "Scan Start Time: #{x.start_time}"
|
55
|
+
@scaninfo << "Nodes: #{x.nodes.live}"
|
56
|
+
@scaninfo << ""
|
57
|
+
end
|
58
|
+
@scaninfo
|
59
|
+
end
|
60
|
+
|
61
|
+
def list_sites
|
62
|
+
tp @sites
|
63
|
+
end
|
64
|
+
|
65
|
+
def list_engines
|
66
|
+
tp @engines
|
67
|
+
end
|
68
|
+
|
69
|
+
end
|
data/nexposemagic.rspec
ADDED
@@ -0,0 +1,44 @@
|
|
1
|
+
require 'nexpose-magic'
|
2
|
+
#You'll need to fill in Connection.new for this test to be successful
|
3
|
+
#
|
4
|
+
|
5
|
+
describe NexposeMagic do
|
6
|
+
|
7
|
+
before :each do
|
8
|
+
@nexpose = NexposeMagic.new
|
9
|
+
end
|
10
|
+
|
11
|
+
it "should populate engine information about a known scan engine" do
|
12
|
+
sites = []
|
13
|
+
stub_site = stub :id => "234234", :name => "This is a test site"
|
14
|
+
sites << stub_site
|
15
|
+
stub_engine = stub :name => "CFS-LH-2000", :id => "99", :address => "192.168.1.25", :sites => sites
|
16
|
+
@nexpose.engine = stub_engine
|
17
|
+
@nexpose.populate_engine.should include("Engine Name: CFS-LH-2000")
|
18
|
+
@nexpose.populate_engine.should include("Engine Address: 192.168.1.25")
|
19
|
+
end
|
20
|
+
|
21
|
+
it "should populate site information about a known site" do
|
22
|
+
assets = []
|
23
|
+
stub_asset = stub :from => "192.168.1.1", :to => "192.168.1.254"
|
24
|
+
assets << stub_asset
|
25
|
+
stub_site = stub :name => "This is a test site", :engine => "CFS-LH-2000", :scan_template_name => "Template PCI", :assets => assets
|
26
|
+
@nexpose.site = stub_site
|
27
|
+
@nexpose.populate_site.should include("Site Name: This is a test site")
|
28
|
+
end
|
29
|
+
|
30
|
+
it "should let you know when no scans are running" do
|
31
|
+
stub_scans = []
|
32
|
+
@nexpose.scans = stub_scans
|
33
|
+
@nexpose.populate_scans.should include("No scans currently running")
|
34
|
+
end
|
35
|
+
|
36
|
+
it "should display scans when they are running" do
|
37
|
+
stub_scans = []
|
38
|
+
stub_nodes = stub :live => "46"
|
39
|
+
stub_scan = stub :scan_id => "32434", :site_id => "343434", :status => "running", :engine_id => "99", :start_time => "03/02/2014 12:34:54", :nodes => stub_nodes
|
40
|
+
stub_scans << stub_scan
|
41
|
+
@nexpose.scans = stub_scans
|
42
|
+
@nexpose.populate_scans.should include("Scan ID: 32434")
|
43
|
+
end
|
44
|
+
end
|
metadata
ADDED
@@ -0,0 +1,75 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: nexpose-magic
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.2
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Matthew Spah
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2014-03-13 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: nexpose
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: table_print
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
description: Nexpose-magic - Nexpose adminstration CLI tool
|
42
|
+
email: spahmatthew@gmail.com
|
43
|
+
executables:
|
44
|
+
- nexmagic.rb
|
45
|
+
extensions: []
|
46
|
+
extra_rdoc_files: []
|
47
|
+
files:
|
48
|
+
- README
|
49
|
+
- bin/nexmagic.rb
|
50
|
+
- lib/nexpose-magic.rb
|
51
|
+
- nexposemagic.rspec
|
52
|
+
homepage:
|
53
|
+
licenses: []
|
54
|
+
metadata: {}
|
55
|
+
post_install_message:
|
56
|
+
rdoc_options: []
|
57
|
+
require_paths:
|
58
|
+
- lib
|
59
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
60
|
+
requirements:
|
61
|
+
- - ">="
|
62
|
+
- !ruby/object:Gem::Version
|
63
|
+
version: '0'
|
64
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
requirements: []
|
70
|
+
rubyforge_project:
|
71
|
+
rubygems_version: 2.2.2
|
72
|
+
signing_key:
|
73
|
+
specification_version: 4
|
74
|
+
summary: Nexpose-magic - Nexpose adminstration CLI tool
|
75
|
+
test_files: []
|