nexpose-magic 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/README +26 -0
- data/bin/nexmagic.rb +92 -0
- data/lib/nexpose-magic.rb +69 -0
- data/nexposemagic.rspec +44 -0
- metadata +75 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 46316b96692e942e08a24d91c67939017fbb9d8d
|
4
|
+
data.tar.gz: ce6dcd7e2d17e5a8d0a52c9ddc1905a0261cd427
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 16b266ea56fae5da2e3e854fa897e306641aceff2ae4d81c371683d248085c833e22c659598c189a45d78a14f2379fb43ab3277175d11800502067ca06e3b0ac
|
7
|
+
data.tar.gz: f08095961f428ce5ba66a8d19f75eb6f0573ff7becb3a26489abe95f1c4a10840fc566721ef6311b7737e3217ee79d4de3fe4d0c79edd5dd231260830863d323
|
data/README
ADDED
@@ -0,0 +1,26 @@
|
|
1
|
+
Nexpose Magic is a project created by Matthew Spah to help Nexpose Admins pull information from their consoles on the command line.
|
2
|
+
|
3
|
+
It is currently in alpha stage and should only be used for testing purposes.
|
4
|
+
|
5
|
+
Required files:
|
6
|
+
nexpose-magic.rb
|
7
|
+
nexmagic.rb
|
8
|
+
|
9
|
+
Nexpose Magic uses the arugments supplied by -u, -p, and -i to make the connection the the nexpose console
|
10
|
+
|
11
|
+
To display information about a specific scan engine:
|
12
|
+
- nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -e [--engine] <engine ID>
|
13
|
+
|
14
|
+
To display nexpose site information:
|
15
|
+
- nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -t [--site] <site ID>
|
16
|
+
|
17
|
+
To display scans that are currently running on your nexpose console:
|
18
|
+
- nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -v [--vscans]
|
19
|
+
|
20
|
+
To display a table list of either all sites or engines present on a console:
|
21
|
+
- nexmagic.rb -i 192.168.1.128 -u nexposeuser -p password -l [--list] <scans | engines>
|
22
|
+
|
23
|
+
To display command line help:
|
24
|
+
- nexmagic.rb -h
|
25
|
+
|
26
|
+
|
data/bin/nexmagic.rb
ADDED
@@ -0,0 +1,92 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
require 'nexpose-magic'
|
3
|
+
require 'optparse'
|
4
|
+
require 'nexpose'
|
5
|
+
require 'table_print'
|
6
|
+
include Nexpose
|
7
|
+
|
8
|
+
options = {}
|
9
|
+
|
10
|
+
OptionParser.new do |opts|
|
11
|
+
opts.banner = "Usage: nexpose-magic.rb -c [console] [options]"
|
12
|
+
|
13
|
+
opts.separator ""
|
14
|
+
opts.separator "Specific options:"
|
15
|
+
|
16
|
+
opts.on('-i', "--ip <IP ADDRESS>", "Nexpose Console IP") do |i|
|
17
|
+
options[:ip] = i
|
18
|
+
end
|
19
|
+
|
20
|
+
opts.on('-u', "--user <User>", "Nexpose Console User") do |u|
|
21
|
+
options[:user] = u
|
22
|
+
end
|
23
|
+
|
24
|
+
opts.on('-p', "--password <Password>", "Nexpose Console Password") do |p|
|
25
|
+
options[:password] = p
|
26
|
+
end
|
27
|
+
|
28
|
+
opts.on('-t', "--port <Port Number>", "Nexpose Port Number") do |t|
|
29
|
+
options[:port] = t
|
30
|
+
end
|
31
|
+
|
32
|
+
opts.on("-e", "--engine <Engine ID>", "Display Scan Engine Information") do |e|
|
33
|
+
options[:scan_engine] = e
|
34
|
+
end
|
35
|
+
|
36
|
+
opts.on("-s", "--site <site ID>", "Display Site Information") do |s|
|
37
|
+
options[:site] = s
|
38
|
+
end
|
39
|
+
|
40
|
+
opts.on("-v", "--vscans", "Display currently running Nexpose vulnerability scans") do |v|
|
41
|
+
options[:scans] = v
|
42
|
+
end
|
43
|
+
|
44
|
+
opts.on("-l", "--list [sites] [engines]", "Display tabled list of all Nexpose Sites, or Scan Engines present on a console") do |l|
|
45
|
+
options[:list] = l
|
46
|
+
end
|
47
|
+
|
48
|
+
opts.on_tail("-h", "--help", "Show help message") do
|
49
|
+
puts opts
|
50
|
+
exit
|
51
|
+
end
|
52
|
+
end.parse!
|
53
|
+
|
54
|
+
begin
|
55
|
+
nsc = Connection.new(options[:ip], options[:user], options[:password]) if options[:port].nil?
|
56
|
+
nsc = Connection.new(options[:ip], options[:user], options[:password], port = options[:port]) if options[:port]
|
57
|
+
nsc.login
|
58
|
+
rescue => e
|
59
|
+
raise e
|
60
|
+
end
|
61
|
+
|
62
|
+
nexpose = NexposeMagic.new
|
63
|
+
|
64
|
+
if not options[:scan_engine].nil?
|
65
|
+
nexpose.engine = Engine.load(nsc, options[:scan_engine])
|
66
|
+
nexpose.populate_engine.each { |x| puts x }
|
67
|
+
|
68
|
+
elsif not options[:site].nil?
|
69
|
+
nexpose.site = Site.load(nsc, options[:site])
|
70
|
+
nexpose.populate_site.each {|x| puts x }
|
71
|
+
|
72
|
+
elsif not options[:list].nil?
|
73
|
+
case options[:list]
|
74
|
+
when "engines"
|
75
|
+
nexpose.engines = nsc.list_engines
|
76
|
+
nexpose.list_engines
|
77
|
+
when "sites"
|
78
|
+
nexpose.sites = nsc.list_sites
|
79
|
+
nexpose.list_sites
|
80
|
+
else
|
81
|
+
puts "You gave an invalid list argument"
|
82
|
+
end
|
83
|
+
|
84
|
+
elsif not options[:scans].nil?
|
85
|
+
nexpose.scans = nsc.scan_activity
|
86
|
+
nexpose.populate_scans.each { |x| puts x }
|
87
|
+
end
|
88
|
+
|
89
|
+
nsc.logout
|
90
|
+
|
91
|
+
|
92
|
+
|
@@ -0,0 +1,69 @@
|
|
1
|
+
|
2
|
+
class NexposeMagic
|
3
|
+
|
4
|
+
attr_accessor :engine, :site, :scans, :sites, :engines
|
5
|
+
|
6
|
+
def initialize(engine=nil, site=nil, scans=nil, list_sites=nil, list_engines=nil)
|
7
|
+
@engine = engine
|
8
|
+
@site = site
|
9
|
+
@scans = scans
|
10
|
+
@list_sites = list_sites
|
11
|
+
@list_engines = list_engines
|
12
|
+
end
|
13
|
+
|
14
|
+
def populate_site
|
15
|
+
@assets = convert_ip_range(@site.assets)
|
16
|
+
@siteinfo = [ "Site Name: #{@site.name}",
|
17
|
+
"Site Engine ID: #{@site.engine}",
|
18
|
+
"Site Scan Template: #{@site.scan_template_name}",
|
19
|
+
"Site Assets: " ]
|
20
|
+
@assets.each { |asset| @siteinfo << "#{asset}" }
|
21
|
+
@siteinfo
|
22
|
+
end
|
23
|
+
|
24
|
+
def populate_engine
|
25
|
+
@engineinfo = [ "Engine Name: #{@engine.name}",
|
26
|
+
"Engine Address: #{@engine.address}",
|
27
|
+
"Engine ID: #{@engine.id}",
|
28
|
+
"Engine Sites: " ]
|
29
|
+
@engine.sites.each { |x| @engineinfo << "Site ID: #{x.id} Site Name: #{x.name}" }
|
30
|
+
@engineinfo
|
31
|
+
end
|
32
|
+
|
33
|
+
def convert_ip_range(assets)
|
34
|
+
ips = []
|
35
|
+
assets.each do |asset|
|
36
|
+
unless asset.to
|
37
|
+
ips << asset.from
|
38
|
+
else
|
39
|
+
ips << asset.from + "-" + asset.to
|
40
|
+
end
|
41
|
+
end
|
42
|
+
ips
|
43
|
+
end
|
44
|
+
|
45
|
+
def populate_scans
|
46
|
+
return ["No scans currently running"] if @scans.empty?
|
47
|
+
|
48
|
+
@scaninfo = [ "Scans currently runnning"]
|
49
|
+
@scans.each do |x|
|
50
|
+
@scaninfo << "Scan ID: #{x.scan_id}"
|
51
|
+
@scaninfo << "Site ID: #{x.site_id}"
|
52
|
+
@scaninfo << "Status: #{x.status}"
|
53
|
+
@scaninfo << "Engine ID: #{x.engine_id}"
|
54
|
+
@scaninfo << "Scan Start Time: #{x.start_time}"
|
55
|
+
@scaninfo << "Nodes: #{x.nodes.live}"
|
56
|
+
@scaninfo << ""
|
57
|
+
end
|
58
|
+
@scaninfo
|
59
|
+
end
|
60
|
+
|
61
|
+
def list_sites
|
62
|
+
tp @sites
|
63
|
+
end
|
64
|
+
|
65
|
+
def list_engines
|
66
|
+
tp @engines
|
67
|
+
end
|
68
|
+
|
69
|
+
end
|
data/nexposemagic.rspec
ADDED
@@ -0,0 +1,44 @@
|
|
1
|
+
require 'nexpose-magic'
|
2
|
+
#You'll need to fill in Connection.new for this test to be successful
|
3
|
+
#
|
4
|
+
|
5
|
+
describe NexposeMagic do
|
6
|
+
|
7
|
+
before :each do
|
8
|
+
@nexpose = NexposeMagic.new
|
9
|
+
end
|
10
|
+
|
11
|
+
it "should populate engine information about a known scan engine" do
|
12
|
+
sites = []
|
13
|
+
stub_site = stub :id => "234234", :name => "This is a test site"
|
14
|
+
sites << stub_site
|
15
|
+
stub_engine = stub :name => "CFS-LH-2000", :id => "99", :address => "192.168.1.25", :sites => sites
|
16
|
+
@nexpose.engine = stub_engine
|
17
|
+
@nexpose.populate_engine.should include("Engine Name: CFS-LH-2000")
|
18
|
+
@nexpose.populate_engine.should include("Engine Address: 192.168.1.25")
|
19
|
+
end
|
20
|
+
|
21
|
+
it "should populate site information about a known site" do
|
22
|
+
assets = []
|
23
|
+
stub_asset = stub :from => "192.168.1.1", :to => "192.168.1.254"
|
24
|
+
assets << stub_asset
|
25
|
+
stub_site = stub :name => "This is a test site", :engine => "CFS-LH-2000", :scan_template_name => "Template PCI", :assets => assets
|
26
|
+
@nexpose.site = stub_site
|
27
|
+
@nexpose.populate_site.should include("Site Name: This is a test site")
|
28
|
+
end
|
29
|
+
|
30
|
+
it "should let you know when no scans are running" do
|
31
|
+
stub_scans = []
|
32
|
+
@nexpose.scans = stub_scans
|
33
|
+
@nexpose.populate_scans.should include("No scans currently running")
|
34
|
+
end
|
35
|
+
|
36
|
+
it "should display scans when they are running" do
|
37
|
+
stub_scans = []
|
38
|
+
stub_nodes = stub :live => "46"
|
39
|
+
stub_scan = stub :scan_id => "32434", :site_id => "343434", :status => "running", :engine_id => "99", :start_time => "03/02/2014 12:34:54", :nodes => stub_nodes
|
40
|
+
stub_scans << stub_scan
|
41
|
+
@nexpose.scans = stub_scans
|
42
|
+
@nexpose.populate_scans.should include("Scan ID: 32434")
|
43
|
+
end
|
44
|
+
end
|
metadata
ADDED
@@ -0,0 +1,75 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: nexpose-magic
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.2
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Matthew Spah
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2014-03-13 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: nexpose
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: table_print
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
description: Nexpose-magic - Nexpose adminstration CLI tool
|
42
|
+
email: spahmatthew@gmail.com
|
43
|
+
executables:
|
44
|
+
- nexmagic.rb
|
45
|
+
extensions: []
|
46
|
+
extra_rdoc_files: []
|
47
|
+
files:
|
48
|
+
- README
|
49
|
+
- bin/nexmagic.rb
|
50
|
+
- lib/nexpose-magic.rb
|
51
|
+
- nexposemagic.rspec
|
52
|
+
homepage:
|
53
|
+
licenses: []
|
54
|
+
metadata: {}
|
55
|
+
post_install_message:
|
56
|
+
rdoc_options: []
|
57
|
+
require_paths:
|
58
|
+
- lib
|
59
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
60
|
+
requirements:
|
61
|
+
- - ">="
|
62
|
+
- !ruby/object:Gem::Version
|
63
|
+
version: '0'
|
64
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
requirements: []
|
70
|
+
rubyforge_project:
|
71
|
+
rubygems_version: 2.2.2
|
72
|
+
signing_key:
|
73
|
+
specification_version: 4
|
74
|
+
summary: Nexpose-magic - Nexpose adminstration CLI tool
|
75
|
+
test_files: []
|