nexpose-magic 0.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +7 -0
  2. data/README +26 -0
  3. data/bin/nexmagic.rb +92 -0
  4. data/lib/nexpose-magic.rb +69 -0
  5. data/nexposemagic.rspec +44 -0
  6. metadata +75 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 46316b96692e942e08a24d91c67939017fbb9d8d
4
+ data.tar.gz: ce6dcd7e2d17e5a8d0a52c9ddc1905a0261cd427
5
+ SHA512:
6
+ metadata.gz: 16b266ea56fae5da2e3e854fa897e306641aceff2ae4d81c371683d248085c833e22c659598c189a45d78a14f2379fb43ab3277175d11800502067ca06e3b0ac
7
+ data.tar.gz: f08095961f428ce5ba66a8d19f75eb6f0573ff7becb3a26489abe95f1c4a10840fc566721ef6311b7737e3217ee79d4de3fe4d0c79edd5dd231260830863d323
data/README ADDED
@@ -0,0 +1,26 @@
1
+ Nexpose Magic is a project created by Matthew Spah to help Nexpose Admins pull information from their consoles on the command line.
2
+
3
+ It is currently in alpha stage and should only be used for testing purposes.
4
+
5
+ Required files:
6
+ nexpose-magic.rb
7
+ nexmagic.rb
8
+
9
+ Nexpose Magic uses the arugments supplied by -u, -p, and -i to make the connection the the nexpose console
10
+
11
+ To display information about a specific scan engine:
12
+ - nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -e [--engine] <engine ID>
13
+
14
+ To display nexpose site information:
15
+ - nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -t [--site] <site ID>
16
+
17
+ To display scans that are currently running on your nexpose console:
18
+ - nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -v [--vscans]
19
+
20
+ To display a table list of either all sites or engines present on a console:
21
+ - nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -l [--list] <scans | engines>
22
+
23
+ To display command line help:
24
+ - nexmagic.rb -h
25
+
26
+
data/bin/nexmagic.rb ADDED
@@ -0,0 +1,92 @@
1
+ #!/usr/bin/env ruby
2
+ require 'nexpose-magic'
3
+ require 'optparse'
4
+ require 'nexpose'
5
+ require 'table_print'
6
+ include Nexpose
7
+
8
+ options = {}
9
+
10
+ OptionParser.new do |opts|
11
+ opts.banner = "Usage: nexpose-magic.rb -c [console] [options]"
12
+
13
+ opts.separator ""
14
+ opts.separator "Specific options:"
15
+
16
+ opts.on('-i', "--ip <IP ADDRESS>", "Nexpose Console IP") do |i|
17
+ options[:ip] = i
18
+ end
19
+
20
+ opts.on('-u', "--user <User>", "Nexpose Console User") do |u|
21
+ options[:user] = u
22
+ end
23
+
24
+ opts.on('-p', "--password <Password>", "Nexpose Console Password") do |p|
25
+ options[:password] = p
26
+ end
27
+
28
+ opts.on('-t', "--port <Port Number>", "Nexpose Port Number") do |t|
29
+ options[:port] = t
30
+ end
31
+
32
+ opts.on("-e", "--engine <Engine ID>", "Display Scan Engine Information") do |e|
33
+ options[:scan_engine] = e
34
+ end
35
+
36
+ opts.on("-s", "--site <site ID>", "Display Site Information") do |s|
37
+ options[:site] = s
38
+ end
39
+
40
+ opts.on("-v", "--vscans", "Display currently running Nexpose vulnerability scans") do |v|
41
+ options[:scans] = v
42
+ end
43
+
44
+ opts.on("-l", "--list [sites] [engines]", "Display tabled list of all Nexpose Sites, or Scan Engines present on a console") do |l|
45
+ options[:list] = l
46
+ end
47
+
48
+ opts.on_tail("-h", "--help", "Show help message") do
49
+ puts opts
50
+ exit
51
+ end
52
+ end.parse!
53
+
54
+ begin
55
+ nsc = Connection.new(options[:ip], options[:user], options[:password]) if options[:port].nil?
56
+ nsc = Connection.new(options[:ip], options[:user], options[:password], port = options[:port]) if options[:port]
57
+ nsc.login
58
+ rescue => e
59
+ raise e
60
+ end
61
+
62
+ nexpose = NexposeMagic.new
63
+
64
+ if not options[:scan_engine].nil?
65
+ nexpose.engine = Engine.load(nsc, options[:scan_engine])
66
+ nexpose.populate_engine.each { |x| puts x }
67
+
68
+ elsif not options[:site].nil?
69
+ nexpose.site = Site.load(nsc, options[:site])
70
+ nexpose.populate_site.each {|x| puts x }
71
+
72
+ elsif not options[:list].nil?
73
+ case options[:list]
74
+ when "engines"
75
+ nexpose.engines = nsc.list_engines
76
+ nexpose.list_engines
77
+ when "sites"
78
+ nexpose.sites = nsc.list_sites
79
+ nexpose.list_sites
80
+ else
81
+ puts "You gave an invalid list argument"
82
+ end
83
+
84
+ elsif not options[:scans].nil?
85
+ nexpose.scans = nsc.scan_activity
86
+ nexpose.populate_scans.each { |x| puts x }
87
+ end
88
+
89
+ nsc.logout
90
+
91
+
92
+
data/lib/nexpose-magic.rb ADDED
@@ -0,0 +1,69 @@
1
+
2
+ class NexposeMagic
3
+
4
+ attr_accessor :engine, :site, :scans, :sites, :engines
5
+
6
+ def initialize(engine=nil, site=nil, scans=nil, list_sites=nil, list_engines=nil)
7
+ @engine = engine
8
+ @site = site
9
+ @scans = scans
10
+ @list_sites = list_sites
11
+ @list_engines = list_engines
12
+ end
13
+
14
+ def populate_site
15
+ @assets = convert_ip_range(@site.assets)
16
+ @siteinfo = [ "Site Name: #{@site.name}",
17
+ "Site Engine ID: #{@site.engine}",
18
+ "Site Scan Template: #{@site.scan_template_name}",
19
+ "Site Assets: " ]
20
+ @assets.each { |asset| @siteinfo << "#{asset}" }
21
+ @siteinfo
22
+ end
23
+
24
+ def populate_engine
25
+ @engineinfo = [ "Engine Name: #{@engine.name}",
26
+ "Engine Address: #{@engine.address}",
27
+ "Engine ID: #{@engine.id}",
28
+ "Engine Sites: " ]
29
+ @engine.sites.each { |x| @engineinfo << "Site ID: #{x.id} Site Name: #{x.name}" }
30
+ @engineinfo
31
+ end
32
+
33
+ def convert_ip_range(assets)
34
+ ips = []
35
+ assets.each do |asset|
36
+ unless asset.to
37
+ ips << asset.from
38
+ else
39
+ ips << asset.from + "-" + asset.to
40
+ end
41
+ end
42
+ ips
43
+ end
44
+
45
+ def populate_scans
46
+ return ["No scans currently running"] if @scans.empty?
47
+
48
+ @scaninfo = [ "Scans currently runnning"]
49
+ @scans.each do |x|
50
+ @scaninfo << "Scan ID: #{x.scan_id}"
51
+ @scaninfo << "Site ID: #{x.site_id}"
52
+ @scaninfo << "Status: #{x.status}"
53
+ @scaninfo << "Engine ID: #{x.engine_id}"
54
+ @scaninfo << "Scan Start Time: #{x.start_time}"
55
+ @scaninfo << "Nodes: #{x.nodes.live}"
56
+ @scaninfo << ""
57
+ end
58
+ @scaninfo
59
+ end
60
+
61
+ def list_sites
62
+ tp @sites
63
+ end
64
+
65
+ def list_engines
66
+ tp @engines
67
+ end
68
+
69
+ end
data/nexposemagic.rspec ADDED
@@ -0,0 +1,44 @@
1
+ require 'nexpose-magic'
2
+ #You'll need to fill in Connection.new for this test to be successful
3
+ #
4
+
5
+ describe NexposeMagic do
6
+
7
+ before :each do
8
+ @nexpose = NexposeMagic.new
9
+ end
10
+
11
+ it "should populate engine information about a known scan engine" do
12
+ sites = []
13
+ stub_site = stub :id => "234234", :name => "This is a test site"
14
+ sites << stub_site
15
+ stub_engine = stub :name => "CFS-LH-2000", :id => "99", :address => "192.168.1.25", :sites => sites
16
+ @nexpose.engine = stub_engine
17
+ @nexpose.populate_engine.should include("Engine Name: CFS-LH-2000")
18
+ @nexpose.populate_engine.should include("Engine Address: 192.168.1.25")
19
+ end
20
+
21
+ it "should populate site information about a known site" do
22
+ assets = []
23
+ stub_asset = stub :from => "192.168.1.1", :to => "192.168.1.254"
24
+ assets << stub_asset
25
+ stub_site = stub :name => "This is a test site", :engine => "CFS-LH-2000", :scan_template_name => "Template PCI", :assets => assets
26
+ @nexpose.site = stub_site
27
+ @nexpose.populate_site.should include("Site Name: This is a test site")
28
+ end
29
+
30
+ it "should let you know when no scans are running" do
31
+ stub_scans = []
32
+ @nexpose.scans = stub_scans
33
+ @nexpose.populate_scans.should include("No scans currently running")
34
+ end
35
+
36
+ it "should display scans when they are running" do
37
+ stub_scans = []
38
+ stub_nodes = stub :live => "46"
39
+ stub_scan = stub :scan_id => "32434", :site_id => "343434", :status => "running", :engine_id => "99", :start_time => "03/02/2014 12:34:54", :nodes => stub_nodes
40
+ stub_scans << stub_scan
41
+ @nexpose.scans = stub_scans
42
+ @nexpose.populate_scans.should include("Scan ID: 32434")
43
+ end
44
+ end
metadata ADDED
@@ -0,0 +1,75 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: nexpose-magic
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.2
5
+ platform: ruby
6
+ authors:
7
+ - Matthew Spah
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2014-03-13 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: nexpose
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: table_print
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ description: Nexpose-magic - Nexpose adminstration CLI tool
42
+ email: spahmatthew@gmail.com
43
+ executables:
44
+ - nexmagic.rb
45
+ extensions: []
46
+ extra_rdoc_files: []
47
+ files:
48
+ - README
49
+ - bin/nexmagic.rb
50
+ - lib/nexpose-magic.rb
51
+ - nexposemagic.rspec
52
+ homepage:
53
+ licenses: []
54
+ metadata: {}
55
+ post_install_message:
56
+ rdoc_options: []
57
+ require_paths:
58
+ - lib
59
+ required_ruby_version: !ruby/object:Gem::Requirement
60
+ requirements:
61
+ - - ">="
62
+ - !ruby/object:Gem::Version
63
+ version: '0'
64
+ required_rubygems_version: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ requirements: []
70
+ rubyforge_project:
71
+ rubygems_version: 2.2.2
72
+ signing_key:
73
+ specification_version: 4
74
+ summary: Nexpose-magic - Nexpose adminstration CLI tool
75
+ test_files: []