nexpose-magic 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +7 -0
  2. data/README +26 -0
  3. data/bin/nexmagic.rb +92 -0
  4. data/lib/nexpose-magic.rb +69 -0
  5. data/nexposemagic.rspec +44 -0
  6. metadata +75 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 46316b96692e942e08a24d91c67939017fbb9d8d
4
+ data.tar.gz: ce6dcd7e2d17e5a8d0a52c9ddc1905a0261cd427
5
+ SHA512:
6
+ metadata.gz: 16b266ea56fae5da2e3e854fa897e306641aceff2ae4d81c371683d248085c833e22c659598c189a45d78a14f2379fb43ab3277175d11800502067ca06e3b0ac
7
+ data.tar.gz: f08095961f428ce5ba66a8d19f75eb6f0573ff7becb3a26489abe95f1c4a10840fc566721ef6311b7737e3217ee79d4de3fe4d0c79edd5dd231260830863d323
data/README ADDED
@@ -0,0 +1,26 @@
1
+ Nexpose Magic is a project created by Matthew Spah to help Nexpose Admins pull information from their consoles on the command line.
2
+
3
+ It is currently in alpha stage and should only be used for testing purposes.
4
+
5
+ Required files:
6
+ nexpose-magic.rb
7
+ nexmagic.rb
8
+
9
+ Nexpose Magic uses the arugments supplied by -u, -p, and -i to make the connection the the nexpose console
10
+
11
+ To display information about a specific scan engine:
12
+ - nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -e [--engine] <engine ID>
13
+
14
+ To display nexpose site information:
15
+ - nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -t [--site] <site ID>
16
+
17
+ To display scans that are currently running on your nexpose console:
18
+ - nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -v [--vscans]
19
+
20
+ To display a table list of either all sites or engines present on a console:
21
+ - nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -l [--list] <scans | engines>
22
+
23
+ To display command line help:
24
+ - nexmagic.rb -h
25
+
26
+
data/bin/nexmagic.rb ADDED
@@ -0,0 +1,92 @@
1
+ #!/usr/bin/env ruby
2
+ require 'nexpose-magic'
3
+ require 'optparse'
4
+ require 'nexpose'
5
+ require 'table_print'
6
+ include Nexpose
7
+
8
+ options = {}
9
+
10
+ OptionParser.new do |opts|
11
+ opts.banner = "Usage: nexpose-magic.rb -c [console] [options]"
12
+
13
+ opts.separator ""
14
+ opts.separator "Specific options:"
15
+
16
+ opts.on('-i', "--ip <IP ADDRESS>", "Nexpose Console IP") do |i|
17
+ options[:ip] = i
18
+ end
19
+
20
+ opts.on('-u', "--user <User>", "Nexpose Console User") do |u|
21
+ options[:user] = u
22
+ end
23
+
24
+ opts.on('-p', "--password <Password>", "Nexpose Console Password") do |p|
25
+ options[:password] = p
26
+ end
27
+
28
+ opts.on('-t', "--port <Port Number>", "Nexpose Port Number") do |t|
29
+ options[:port] = t
30
+ end
31
+
32
+ opts.on("-e", "--engine <Engine ID>", "Display Scan Engine Information") do |e|
33
+ options[:scan_engine] = e
34
+ end
35
+
36
+ opts.on("-s", "--site <site ID>", "Display Site Information") do |s|
37
+ options[:site] = s
38
+ end
39
+
40
+ opts.on("-v", "--vscans", "Display currently running Nexpose vulnerability scans") do |v|
41
+ options[:scans] = v
42
+ end
43
+
44
+ opts.on("-l", "--list [sites] [engines]", "Display tabled list of all Nexpose Sites, or Scan Engines present on a console") do |l|
45
+ options[:list] = l
46
+ end
47
+
48
+ opts.on_tail("-h", "--help", "Show help message") do
49
+ puts opts
50
+ exit
51
+ end
52
+ end.parse!
53
+
54
+ begin
55
+ nsc = Connection.new(options[:ip], options[:user], options[:password]) if options[:port].nil?
56
+ nsc = Connection.new(options[:ip], options[:user], options[:password], port = options[:port]) if options[:port]
57
+ nsc.login
58
+ rescue => e
59
+ raise e
60
+ end
61
+
62
+ nexpose = NexposeMagic.new
63
+
64
+ if not options[:scan_engine].nil?
65
+ nexpose.engine = Engine.load(nsc, options[:scan_engine])
66
+ nexpose.populate_engine.each { |x| puts x }
67
+
68
+ elsif not options[:site].nil?
69
+ nexpose.site = Site.load(nsc, options[:site])
70
+ nexpose.populate_site.each {|x| puts x }
71
+
72
+ elsif not options[:list].nil?
73
+ case options[:list]
74
+ when "engines"
75
+ nexpose.engines = nsc.list_engines
76
+ nexpose.list_engines
77
+ when "sites"
78
+ nexpose.sites = nsc.list_sites
79
+ nexpose.list_sites
80
+ else
81
+ puts "You gave an invalid list argument"
82
+ end
83
+
84
+ elsif not options[:scans].nil?
85
+ nexpose.scans = nsc.scan_activity
86
+ nexpose.populate_scans.each { |x| puts x }
87
+ end
88
+
89
+ nsc.logout
90
+
91
+
92
+
data/lib/nexpose-magic.rb ADDED
@@ -0,0 +1,69 @@
1
+
2
+ class NexposeMagic
3
+
4
+ attr_accessor :engine, :site, :scans, :sites, :engines
5
+
6
+ def initialize(engine=nil, site=nil, scans=nil, list_sites=nil, list_engines=nil)
7
+ @engine = engine
8
+ @site = site
9
+ @scans = scans
10
+ @list_sites = list_sites
11
+ @list_engines = list_engines
12
+ end
13
+
14
+ def populate_site
15
+ @assets = convert_ip_range(@site.assets)
16
+ @siteinfo = [ "Site Name: #{@site.name}",
17
+ "Site Engine ID: #{@site.engine}",
18
+ "Site Scan Template: #{@site.scan_template_name}",
19
+ "Site Assets: " ]
20
+ @assets.each { |asset| @siteinfo << "#{asset}" }
21
+ @siteinfo
22
+ end
23
+
24
+ def populate_engine
25
+ @engineinfo = [ "Engine Name: #{@engine.name}",
26
+ "Engine Address: #{@engine.address}",
27
+ "Engine ID: #{@engine.id}",
28
+ "Engine Sites: " ]
29
+ @engine.sites.each { |x| @engineinfo << "Site ID: #{x.id} Site Name: #{x.name}" }
30
+ @engineinfo
31
+ end
32
+
33
+ def convert_ip_range(assets)
34
+ ips = []
35
+ assets.each do |asset|
36
+ unless asset.to
37
+ ips << asset.from
38
+ else
39
+ ips << asset.from + "-" + asset.to
40
+ end
41
+ end
42
+ ips
43
+ end
44
+
45
+ def populate_scans
46
+ return ["No scans currently running"] if @scans.empty?
47
+
48
+ @scaninfo = [ "Scans currently runnning"]
49
+ @scans.each do |x|
50
+ @scaninfo << "Scan ID: #{x.scan_id}"
51
+ @scaninfo << "Site ID: #{x.site_id}"
52
+ @scaninfo << "Status: #{x.status}"
53
+ @scaninfo << "Engine ID: #{x.engine_id}"
54
+ @scaninfo << "Scan Start Time: #{x.start_time}"
55
+ @scaninfo << "Nodes: #{x.nodes.live}"
56
+ @scaninfo << ""
57
+ end
58
+ @scaninfo
59
+ end
60
+
61
+ def list_sites
62
+ tp @sites
63
+ end
64
+
65
+ def list_engines
66
+ tp @engines
67
+ end
68
+
69
+ end
data/nexposemagic.rspec ADDED
@@ -0,0 +1,44 @@
1
+ require 'nexpose-magic'
2
+ #You'll need to fill in Connection.new for this test to be successful
3
+ #
4
+
5
+ describe NexposeMagic do
6
+
7
+ before :each do
8
+ @nexpose = NexposeMagic.new
9
+ end
10
+
11
+ it "should populate engine information about a known scan engine" do
12
+ sites = []
13
+ stub_site = stub :id => "234234", :name => "This is a test site"
14
+ sites << stub_site
15
+ stub_engine = stub :name => "CFS-LH-2000", :id => "99", :address => "192.168.1.25", :sites => sites
16
+ @nexpose.engine = stub_engine
17
+ @nexpose.populate_engine.should include("Engine Name: CFS-LH-2000")
18
+ @nexpose.populate_engine.should include("Engine Address: 192.168.1.25")
19
+ end
20
+
21
+ it "should populate site information about a known site" do
22
+ assets = []
23
+ stub_asset = stub :from => "192.168.1.1", :to => "192.168.1.254"
24
+ assets << stub_asset
25
+ stub_site = stub :name => "This is a test site", :engine => "CFS-LH-2000", :scan_template_name => "Template PCI", :assets => assets
26
+ @nexpose.site = stub_site
27
+ @nexpose.populate_site.should include("Site Name: This is a test site")
28
+ end
29
+
30
+ it "should let you know when no scans are running" do
31
+ stub_scans = []
32
+ @nexpose.scans = stub_scans
33
+ @nexpose.populate_scans.should include("No scans currently running")
34
+ end
35
+
36
+ it "should display scans when they are running" do
37
+ stub_scans = []
38
+ stub_nodes = stub :live => "46"
39
+ stub_scan = stub :scan_id => "32434", :site_id => "343434", :status => "running", :engine_id => "99", :start_time => "03/02/2014 12:34:54", :nodes => stub_nodes
40
+ stub_scans << stub_scan
41
+ @nexpose.scans = stub_scans
42
+ @nexpose.populate_scans.should include("Scan ID: 32434")
43
+ end
44
+ end
metadata ADDED
@@ -0,0 +1,75 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: nexpose-magic
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.2
5
+ platform: ruby
6
+ authors:
7
+ - Matthew Spah
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2014-03-13 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: nexpose
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: table_print
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ description: Nexpose-magic - Nexpose adminstration CLI tool
42
+ email: spahmatthew@gmail.com
43
+ executables:
44
+ - nexmagic.rb
45
+ extensions: []
46
+ extra_rdoc_files: []
47
+ files:
48
+ - README
49
+ - bin/nexmagic.rb
50
+ - lib/nexpose-magic.rb
51
+ - nexposemagic.rspec
52
+ homepage:
53
+ licenses: []
54
+ metadata: {}
55
+ post_install_message:
56
+ rdoc_options: []
57
+ require_paths:
58
+ - lib
59
+ required_ruby_version: !ruby/object:Gem::Requirement
60
+ requirements:
61
+ - - ">="
62
+ - !ruby/object:Gem::Version
63
+ version: '0'
64
+ required_rubygems_version: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ requirements: []
70
+ rubyforge_project:
71
+ rubygems_version: 2.2.2
72
+ signing_key:
73
+ specification_version: 4
74
+ summary: Nexpose-magic - Nexpose adminstration CLI tool
75
+ test_files: []