nexpose 0.0.8 → 0.0.9

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. data/lib/nexpose.rb +328 -2
  2. data/nexpose.gemspec +1 -1
  3. metadata +6 -6
data/lib/nexpose.rb CHANGED
@@ -589,8 +589,8 @@ module NexposeAPI
589
589
  res << {
590
590
  :site_id => site.attributes['id'].to_i,
591
591
  :name => site.attributes['name'].to_s,
592
- :risk_factor => site.attributes['risk_factor'].to_f,
593
- :risk_score => site.attributes['risk_score'].to_f,
592
+ :risk_factor => site.attributes['riskfactor'].to_f,
593
+ :risk_score => site.attributes['riskscore'].to_f,
594
594
  }
595
595
  end
596
596
  return res
@@ -622,6 +622,332 @@ module NexposeAPI
622
622
  end
623
623
  end
624
624
 
625
+ ###################
626
+ # VULN EXCEPTIONS #
627
+ ###################
628
+
629
+ #-----------------------------------------------------------------------
630
+ # Returns an array of vulnerability exceptions and their associated
631
+ # attributes.
632
+ #
633
+ # @param status - (optional) The status of the vulnerability exception:
634
+ # "Under Review", "Approved", "Rejected"
635
+ #-----------------------------------------------------------------------
636
+ def vuln_listing status=nil
637
+ option = {}
638
+
639
+ if status && !status.empty?
640
+ if status =~ /Under Review|Approved|Rejected/
641
+ option['status'] = status
642
+ else
643
+ raise ArgumentError.new 'The vulnerability status passed in is invalid!'
644
+ end
645
+ end
646
+
647
+ xml = make_xml('VulnerabilityExceptionListingRequest', option)
648
+ r = execute xml, '1.2'
649
+
650
+ if r.success
651
+ res = []
652
+ r.res.elements.each("//VulnerabilityException") do |ve|
653
+ submitter_comment = ve.elements['submitter-comment']
654
+ reviewer_comment = ve.elements['reviewer-comment']
655
+ res << {
656
+ :vuln_id => ve.attributes['vuln-id'],
657
+ :exception_id => ve.attributes['exception-id'],
658
+ :submitter => ve.attributes['submitter'],
659
+ :reviewer => ve.attributes['reviewer'],
660
+ :status => ve.attributes['status'],
661
+ :reason => ve.attributes['reason'],
662
+ :scope => ve.attributes['scope'],
663
+ :device_id => ve.attributes['device-id'],
664
+ :port_no => ve.attributes['port-no'],
665
+ :expiration_date => ve.attributes['expiration-date'],
666
+ :vuln_key => ve.attributes['vuln-key'],
667
+ :submitter_comment => submitter_comment.nil? ? '' : submitter_comment.text,
668
+ :reviewer_comment => reviewer_comment.nil? ? '' : reviewer_comment.text
669
+ }
670
+ end
671
+ res
672
+ else
673
+ false
674
+ end
675
+ end
676
+
677
+ #-------------------------------------------------------------------------------------------------------------------
678
+ # Creates a vulnerability exception.
679
+ #
680
+ # @param input - data used to create the vulnerability exception:
681
+ # :vuln_id - The Nexpose vulnerability ID.
682
+ # :reason - The reason for the exception
683
+ # values - "False Positive", "Compensating Control", "Acceptable Use", "Acceptable Risk", "Other"
684
+ # :scope - The scope type (NOTE: The case is important)
685
+ # values - "All Instances", "All Instances on a Specific Asset", "Specific Instance of a specific Asset"
686
+ # :comment - A user comment
687
+ # :device-id - Used for specific instances related to "All Instances on a Specific Asset" AND "Specific Instance of Specific Asset"
688
+ # :port - All assets on this port related to "Specific Instance of a specific Asset"
689
+ # :vuln-key - The vulnerability key related to the "Specific Instance of a specific Asset"
690
+ #
691
+ # @returns exception-id - The Id associated with this create request
692
+ #-------------------------------------------------------------------------------------------------------------------
693
+ def vuln_exception_create input
694
+ options = {}
695
+
696
+ if input.nil?
697
+ raise ArgumentError.new 'The input element cannot be null'
698
+ end
699
+
700
+ vuln_id = input[:vuln_id]
701
+ if !vuln_id
702
+ raise ArgumentError.new 'The vulnerability ID is required'
703
+ end
704
+ options['vuln-id'] = vuln_id
705
+
706
+ reason = input[:reason]
707
+ if reason.nil? || reason.empty?
708
+ raise ArgumentError.new 'The reason is required'
709
+ end
710
+
711
+ unless reason =~ /False Positive|Compensating Control|Acceptable Use|Acceptable Risk|Other/
712
+ raise ArgumentError.new 'The reason type is invalid'
713
+ end
714
+ options['reason'] = reason
715
+
716
+ scope = input[:scope]
717
+ if scope.nil? || scope.empty?
718
+ raise ArgumentError.new 'The scope is required'
719
+ end
720
+
721
+ # For scope case matters.
722
+ unless scope =~ /All Instances|All Instances on a Specific Asset|Specific Instance of Specific Asset/
723
+ raise ArgumentError.new 'The scope type is invalid'
724
+ end
725
+
726
+ if scope =~ /All Instances on a Specific Asset|Specific Instance of Specific Asset/
727
+ device_id = input[:device_id]
728
+ vuln_key = input[:vuln_key]
729
+ port = input[:port]
730
+ if device_id
731
+ options['device-id'] = device_id
732
+ end
733
+
734
+ if (scope =~ /All Instances on a Specific Asset/ && (vuln_key || port))
735
+ raise ArgumentError.new "Vulnerability key or port cannot be used with the scope specified"
736
+ end
737
+
738
+ if vuln_key
739
+ options['vuln-key'] = vuln_key
740
+ end
741
+
742
+ if port
743
+ options['port-no'] = port
744
+ end
745
+ end
746
+ options['scope'] = scope
747
+
748
+ xml = make_xml('VulnerabilityExceptionCreateRequest', options)
749
+
750
+ comment = input[:comment]
751
+ if comment && !comment.empty?
752
+ comment_xml = make_xml('comment', {}, comment, false)
753
+ xml.add_element comment_xml
754
+ else
755
+ raise ArgumentError.new 'The comment cannot be empty'
756
+ end
757
+
758
+ r = execute xml, '1.2'
759
+ if r.success
760
+ r.res.elements.each("//VulnerabilityExceptionCreateResponse") do |vecr|
761
+ return vecr.attributes['exception-id']
762
+ end
763
+ else
764
+ false
765
+ end
766
+ end
767
+
768
+ #-------------------------------------------------------------------------------------------------------------------
769
+ # Resubmit a vulnerability exception.
770
+ #
771
+ # @param input - data used to create the vulnerability exception:
772
+ # :vuln_id - The Nexpose vulnerability ID. (required)
773
+ # :reason - The reason for the exception (optional)
774
+ # values - "False Positive", "Compensating Control", "Acceptable Use", "Acceptable Risk", "Other"
775
+ # :comment - A user comment (required)
776
+ #-------------------------------------------------------------------------------------------------------------------
777
+ def vuln_exception_resubmit input
778
+ options = {}
779
+
780
+ if input.nil?
781
+ raise ArgumentError.new 'The input element cannot be null'
782
+ end
783
+
784
+ exception_id = input[:exception_id]
785
+ if !exception_id
786
+ raise ArgumentError.new 'The exception ID is required'
787
+ end
788
+ options['exception-id'] = exception_id
789
+
790
+ reason = input[:reason]
791
+ if !reason.nil? && !reason.empty?
792
+ unless reason =~ /False Positive|Compensating Control|Acceptable Use|Acceptable Risk|Other/
793
+ raise ArgumentError.new 'The reason type is invalid'
794
+ end
795
+ options['reason'] = reason
796
+
797
+ end
798
+
799
+ xml = make_xml('VulnerabilityExceptionResubmitRequest', options)
800
+
801
+ comment = input[:comment]
802
+ if comment && !comment.empty?
803
+ comment_xml = make_xml('comment', {}, comment, false)
804
+ xml.add_element comment_xml
805
+ end
806
+
807
+ r = execute xml, '1.2'
808
+ r.success
809
+ end
810
+
811
+ #-------------------------------------------------------------------------------------------------------------------
812
+ # Allows a previously submitted exception that has not been approved to be withdrawn.
813
+ #
814
+ # @param exception_id - The exception id returned after the vuln exception was submitted for creation.
815
+ #-------------------------------------------------------------------------------------------------------------------
816
+ def vuln_exception_recall exception_id
817
+ xml = make_xml('VulnerabilityExceptionRecallRequest', {'exception-id' => exception_id})
818
+ r = execute xml, '1.2'
819
+ r.success
820
+ end
821
+
822
+
823
+ #-------------------------------------------------------------------------------------------------------------------
824
+ # Allows a submitted vulnerability exception to be approved.
825
+ #
826
+ # @param input:
827
+ # :exception_id - The exception id returned after the vuln exception was submitted for creation.
828
+ # :comment - An optional comment
829
+ #-------------------------------------------------------------------------------------------------------------------
830
+ def vuln_exception_approve input
831
+ exception_id = input[:exception_id]
832
+ if !exception_id
833
+ raise ArgumentError.new 'Exception Id is required'
834
+ end
835
+
836
+ xml = make_xml('VulnerabilityExceptionApproveRequest', {'exception-id' => exception_id})
837
+ comment = input[:comment]
838
+ if comment && !comment.empty?
839
+ comment_xml = make_xml('comment', {}, comment, false)
840
+ xml.add_element comment_xml
841
+ end
842
+
843
+ r = execute xml, '1.2'
844
+ r.success
845
+ end
846
+
847
+ #-------------------------------------------------------------------------------------------------------------------
848
+ # Rejects a submitted vulnerability exception to be approved.
849
+ #
850
+ # @param input:
851
+ # :exception_id - The exception id returned after the vuln exception was submitted for creation.
852
+ # :comment - An optional comment
853
+ #-------------------------------------------------------------------------------------------------------------------
854
+ def vuln_exception_reject input
855
+ exception_id = input[:exception_id]
856
+ if !exception_id
857
+ raise ArgumentError.new 'Exception Id is required'
858
+ end
859
+
860
+ xml = make_xml('VulnerabilityExceptionRejectRequest', {'exception-id' => exception_id})
861
+ comment = input[:comment]
862
+ if comment && !comment.empty?
863
+ comment_xml = make_xml('comment', {}, comment, false)
864
+ xml.add_element comment_xml
865
+ end
866
+
867
+ r = execute xml, '1.2'
868
+ r.success
869
+ end
870
+
871
+ #-------------------------------------------------------------------------------------------------------------------
872
+ # Updates a vulnerability exception comment.
873
+ #
874
+ # @param input:
875
+ # :exception_id - The exception id returned after the vuln exception was submitted for creation.
876
+ # :submitter_comment - The submitter comment
877
+ # :reviewer_comment - The reviewer comment
878
+ #-------------------------------------------------------------------------------------------------------------------
879
+ def vuln_exception_update_comment input
880
+ exception_id = input[:exception_id]
881
+ if !exception_id
882
+ raise ArgumentError.new 'Exception Id is required'
883
+ end
884
+
885
+ xml = make_xml('VulnerabilityExceptionUpdateCommentRequest', {'exception-id' => exception_id})
886
+ submitter_comment = input[:submitter_comment]
887
+ if submitter_comment && !submitter_comment.empty?
888
+ comment_xml = make_xml('submitter-comment', {}, submitter_comment, false)
889
+ xml.add_element comment_xml
890
+ end
891
+
892
+ reviewer_comment = input[:reviewer_comment]
893
+ if reviewer_comment && !reviewer_comment.empty?
894
+ comment_xml = make_xml('reviewer-comment', {}, reviewer_comment, false)
895
+ xml.add_element comment_xml
896
+ end
897
+
898
+ r = execute xml, '1.2'
899
+ r.success
900
+ end
901
+
902
+ #-------------------------------------------------------------------------------------------------------------------
903
+ # Update the expiration date for a vulnerability exception.
904
+ #
905
+ # @param input
906
+ # :exception_id - The exception id returned after the vulnerability exception was submitted for creation.
907
+ # :expiration_date - The new expiration date format: YYYY-MM-DD
908
+ #-------------------------------------------------------------------------------------------------------------------
909
+ def vuln_exception_update_expiration_date input
910
+ exception_id = input[:exception_id]
911
+ if !exception_id
912
+ raise ArgumentError.new 'Exception Id is required'
913
+ end
914
+
915
+ expiration_date = input[:expiration_date]
916
+ if expiration_date && !expiration_date.empty? && expiration_date =~ /\A\d{4}-(\d{2})-(\d{2})\z/
917
+ if $1.to_i > 12
918
+ raise ArgumentError.new 'The expiration date month value is invalid'
919
+ end
920
+
921
+ if $2.to_i > 31
922
+ raise ArgumentError.new 'The expiration date day value is invalid'
923
+ end
924
+ else
925
+ raise ArgumentError.new 'Expiration date is invalid'
926
+ end
927
+
928
+ options = {}
929
+ options['exception-id'] = exception_id
930
+ options['expiration-date'] = expiration_date
931
+ xml = make_xml('VulnerabilityExceptionUpdateExpirationDateRequest', options)
932
+ r = execute xml, '1.2'
933
+ r.success
934
+ end
935
+
936
+ #-------------------------------------------------------------------------------------------------------------------
937
+ # Deletes a submitted vulnerability exception to be approved.
938
+ #
939
+ # @param exception_id - The exception id returned after the vuln exception was submitted for creation.
940
+ #-------------------------------------------------------------------------------------------------------------------
941
+ def vuln_exception_delete exception_id
942
+ if !exception_id
943
+ raise ArgumentError.new 'Exception Id is required'
944
+ end
945
+
946
+ xml = make_xml('VulnerabilityExceptionDeleteRequest', {'exception-id' => exception_id})
947
+ r = execute xml, '1.2'
948
+ r.success
949
+ end
950
+
625
951
  ###################
626
952
  # SILO MANAGEMENT #
627
953
  ###################
data/nexpose.gemspec CHANGED
@@ -1,7 +1,7 @@
1
1
  # encoding: utf-8
2
2
 
3
3
  APP_NAME = "nexpose"
4
- VERSION = "0.0.8"
4
+ VERSION = "0.0.9"
5
5
  REVISION = "12878"
6
6
 
7
7
  Gem::Specification.new do |s|
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nexpose
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.8
4
+ version: 0.0.9
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -10,12 +10,12 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2011-11-07 00:00:00.000000000 -06:00
13
+ date: 2011-12-16 00:00:00.000000000 -06:00
14
14
  default_executable:
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: librex
18
- requirement: &2920356 !ruby/object:Gem::Requirement
18
+ requirement: &26616156 !ruby/object:Gem::Requirement
19
19
  none: false
20
20
  requirements:
21
21
  - - ! '>='
@@ -23,10 +23,10 @@ dependencies:
23
23
  version: 0.0.32
24
24
  type: :runtime
25
25
  prerelease: false
26
- version_requirements: *2920356
26
+ version_requirements: *26616156
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rex
29
- requirement: &19472268 !ruby/object:Gem::Requirement
29
+ requirement: &26615880 !ruby/object:Gem::Requirement
30
30
  none: false
31
31
  requirements:
32
32
  - - ! '>='
@@ -34,7 +34,7 @@ dependencies:
34
34
  version: 1.0.2
35
35
  type: :runtime
36
36
  prerelease: false
37
- version_requirements: *19472268
37
+ version_requirements: *26615880
38
38
  description: This gem provides a Ruby API to the NeXpose vulnerability management
39
39
  product by Rapid7. This version is based on Metasploit SVN revision 12878
40
40
  email: