nexpose 0.0.98 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,27 @@
1
+ module Nexpose
2
+
3
+ module NexposeAPI
4
+ include XMLUtils
5
+
6
+ # Returns a summary list of all roles.
7
+ def role_listing
8
+ xml = make_xml('RoleListingRequest')
9
+ r = execute(xml, '1.2')
10
+ if r.success
11
+ res = []
12
+ r.res.elements.each('RoleListingResponse/RoleSummary') do |summary|
13
+ res << {
14
+ :id => summary.attributes['id'],
15
+ :name => summary.attributes['name'],
16
+ :full_name => summary.attributes['full-name'],
17
+ :description => summary.attributes['description'],
18
+ :enabled => summary.attributes['enabled'],
19
+ :scope => summary.attributes['scope']
20
+ }
21
+ end
22
+ res
23
+ end
24
+ end
25
+ end
26
+
27
+ end
@@ -1,285 +1,264 @@
1
- module Nexpose
2
- module NexposeAPI
3
- include XMLUtils
4
-
5
- def scan_stop(param)
6
- r = execute(make_xml('ScanStopRequest', {'scan-id' => param}))
7
- r.success
8
- end
9
-
10
- def scan_status(param)
11
- r = execute(make_xml('ScanStatusRequest', {'scan-id' => param}))
12
- r.success ? r.attributes['status'] : nil
13
- end
14
-
15
- def scan_resume(scan_id)
16
- r = execute(make_xml('ScanResumeRequest', {'scan-id' => scan_id}))
17
- r.success ? r.attributes['status'] : nil
18
- end
19
-
20
- def scan_activity
21
- r = execute(make_xml('ScanActivityRequest', {}))
22
- if (r.success)
23
- res = []
24
- r.res.elements.each("//ScanSummary") do |scan|
25
- res << {
26
- :scan_id => scan.attributes['scan-id'].to_i,
27
- :site_id => scan.attributes['site-id'].to_i,
28
- :engine_id => scan.attributes['engine-id'].to_i,
29
- :status => scan.attributes['status'].to_s,
30
- :start_time => Date.parse(scan.attributes['startTime'].to_s).to_time
31
- }
32
- end
33
- res
34
- else
35
- false
36
- end
37
- end
38
-
39
- def scan_statistics(param)
40
- r = execute(make_xml('ScanStatisticsRequest', {'scan-id' => param}))
41
- if (r.success)
42
- res = {}
43
- r.res.elements.each("//ScanSummary/nodes") do |node|
44
- res[:nodes] = {}
45
- node.attributes.keys.each do |k|
46
- res[:nodes][k] = node.attributes[k].to_i
47
- end
48
- end
49
- r.res.elements.each("//ScanSummary/tasks") do |task|
50
- res[:task] = {}
51
- task.attributes.keys.each do |k|
52
- res[:task][k] = task.attributes[k].to_i
53
- end
54
- end
55
- r.res.elements.each("//ScanSummary/vulnerabilities") do |vuln|
56
- res[:vulns] ||= {}
57
- k = vuln.attributes['status'] + (vuln.attributes['severity'] ? ("-" + vuln.attributes['severity']) : '')
58
- res[:vulns][k] = vuln.attributes['count'].to_i
59
- end
60
- r.res.elements.each("//ScanSummary") do |summ|
61
- res[:summary] = {}
62
- summ.attributes.keys.each do |k|
63
- res[:summary][k] = summ.attributes[k]
64
- if (res[:summary][k] =~ /^\d+$/)
65
- res[:summary][k] = res[:summary][k].to_i
66
- end
67
- end
68
- end
69
- r.res.elements.each("//ScanSummary/message") do |message|
70
- res[:message] = message.text
71
- end
72
- res
73
- else
74
- false
75
- end
76
- end
77
- end
78
-
79
- # === Description
80
- # Object that represents a summary of a scan.
81
- #
82
- class ScanSummary
83
- # The Scan ID of the Scan
84
- attr_reader :scan_id
85
- # The Engine ID used to perform the scan
86
- attr_reader :engine_id
87
- # TODO: add description
88
- attr_reader :name
89
- # The scan start time
90
- attr_reader :startTime
91
- # The scan finish time
92
- attr_reader :endTime
93
- # The scan status (running|finished|stopped|error| dispatched|paused|aborted|uknown)
94
- attr_reader :status
95
- # The number of pending tasks
96
- attr_reader :tasks_pending
97
- # The number of active tasks
98
- attr_reader :tasks_active
99
- # The number of completed tasks
100
- attr_reader :tasks_completed
101
- # The number of "live" nodes
102
- attr_reader :nodes_live
103
- # The number of "dead" nodes
104
- attr_reader :nodes_dead
105
- # The number of filtered nodes
106
- attr_reader :nodes_filtered
107
- # The number of unresolved nodes
108
- attr_reader :nodes_unresolved
109
- # The number of "other" nodes
110
- attr_reader :nodes_other
111
- # Confirmed vulnerabilities found (indexed by severity)
112
- # Associative array, indexed by severity
113
- attr_reader :vuln_exploit
114
- # Unconfirmed vulnerabilities found (indexed by severity)
115
- # Associative array, indexed by severity
116
- attr_reader :vuln_version
117
- # Not vulnerable checks run (confirmed)
118
- attr_reader :not_vuln_exploit
119
- # Not vulnerable checks run (unconfirmed)
120
- attr_reader :not_vuln_version
121
- # Vulnerability check errors
122
- attr_reader :vuln_error
123
- # Vulnerability checks disabled
124
- attr_reader :vuln_disabled
125
- # Vulnerability checks other
126
- attr_reader :vuln_other
127
-
128
- # Constructor
129
- # ScanSummary(can_id, $engine_id, $name, tartTime, $endTime, tatus)
130
- def initialize(scan_id, engine_id, name, startTime, endTime, status)
131
-
132
- @scan_id = scan_id
133
- @engine_id = engine_id
134
- @name = name
135
- @startTime = startTime
136
- @endTime = endTime
137
- @status = status
138
-
139
- end
140
-
141
- end
142
-
143
- # TODO
144
- # === Description
145
- # Object that represents the overview statistics for a particular scan.
146
- #
147
- # === Examples
148
- #
149
- # # Create a new Nexpose Connection on the default port and Login
150
- # nsc = Connection.new("10.1.40.10","nxadmin","password")
151
- # nsc.login()
152
- #
153
- # # Get a Site (Site ID = 12) from the NSC
154
- # site = new Site(nsc,12)
155
- #
156
- # # Start a Scan of this site and pause for 1 minute
157
- # scan1 = site.scanSite()
158
- # sleep(60)
159
- #
160
- # # Get the Scan Statistics for this scan
161
- # scanStatistics = new ScanStatistics(nsc,scan1["scan_id"])
162
- #
163
- # # Print out number of confirmed vulnerabilities with a 10 severity
164
- # puts scanStatistics.scansummary.vuln_exploit[10]
165
- #
166
- # # Print out the number of pending tasks left in the scan
167
- # puts scanStatistics.scan_summary.tasks_pending
168
- #
169
- class ScanStatistics
170
- # true if an error condition exists; false otherwise
171
- attr_reader :error
172
- # Error message string
173
- attr_reader :error_msg
174
- # The last XML request sent by this object
175
- attr_reader :request_xml
176
- # The last XML response received by this object
177
- attr_reader :reseponse_xml
178
- # The Scan ID
179
- attr_reader :scan_id
180
- # The ScanSummary of the scan
181
- attr_reader :scan_summary
182
- # The NSC Connection associated with this object
183
- attr_reader :connection
184
-
185
- # Vulnerability checks other
186
- attr_reader :vuln_other
187
-
188
- def initialize(connection, scan_id)
189
- @error = false
190
- @connection = connection
191
- @scan_id = scan_id
192
- end
193
- end
194
-
195
- # TODO add engineID
196
- # === Description
197
- # Object that represents the scanning configuration for a Site.
198
- #
199
- class ScanConfig
200
- # A unique ID for this scan configuration
201
- attr_reader :configID
202
- # The name of the scan template
203
- attr_reader :name
204
- # The ID of the scan template used full-audit, exhaustive-audit, web-audit, dos-audit, internet-audit, network-audit
205
- attr_reader :templateID
206
- # The configuration version (default is 2)
207
- attr_reader :configVersion
208
- # Array of (Schedule)*
209
- attr_reader :schedules
210
- # Array of (ScanTrigger)*
211
- attr_reader :scanTriggers
212
-
213
- def initialize(configID, name, templateID, configVersion = 2)
214
-
215
- @configID = configID
216
- @name = name
217
- @templateID = templateID
218
- @configVersion = configVersion
219
- @schedules = []
220
- @scanTriggers = []
221
-
222
- end
223
-
224
- # Adds a new Schedule for this ScanConfig
225
- def addSchedule(schedule)
226
- @schedules.push(schedule)
227
- end
228
-
229
- # Adds a new ScanTrigger to the scanTriggers array
230
- def addScanTrigger(scanTrigger)
231
- @scanTriggers.push(scanTrigger)
232
- end
233
-
234
- def _set_configID(configID)
235
- @configID = configID
236
- end
237
-
238
- def _set_name(name)
239
- @name = name
240
- end
241
-
242
- end
243
-
244
- # TODO: review
245
- # <scanFilter scanStop='0' scanFailed='0' scanStart='1'/>
246
- # === Description
247
- #
248
- class ScanFilter
249
-
250
- attr_reader :scanStop
251
- attr_reader :scanFailed
252
- attr_reader :scanStart
253
-
254
- def initialize(scanstop, scanFailed, scanStart)
255
-
256
- @scanStop = scanStop
257
- @scanFailed = scanFailed
258
- @scanStart = scanStart
259
-
260
- end
261
-
262
- end
263
-
264
-
265
- # === Description
266
- # Object that holds an event that triggers the start of a scan.
267
- #
268
- class ScanTrigger
269
- # Type of Trigger (AutoUpdate)
270
- attr_reader :type
271
- # Enable or disable this scan trigger
272
- attr_reader :enabled
273
- # Sets the trigger to start an incremental scan or a full scan
274
- attr_reader :incremental
275
-
276
- def initialize(type, incremental, enabled = 1)
277
-
278
- @type = type
279
- @incremental = incremental
280
- @enabled = enabled
281
-
282
- end
283
- end
284
-
285
- end
1
+ module Nexpose
2
+ module NexposeAPI
3
+ include XMLUtils
4
+
5
+ # Stop a running or paused scan.
6
+ #
7
+ # @param [Fixnum] scan_id ID of the scan to stop.
8
+ # @param [Fixnum] wait_sec Number of seconds to wait for status to be updated. Default: 0
9
+ def scan_stop(scan_id, wait_sec = 0)
10
+ r = execute(make_xml('ScanStopRequest', {'scan-id' => scan_id}))
11
+ if r.success
12
+ so_far = 0
13
+ while so_far < wait_sec
14
+ status = scan_status(scan_id)
15
+ return status if status == 'stopped'
16
+ sleep 5
17
+ so_far += 5
18
+ end
19
+ end
20
+ r.success
21
+ end
22
+
23
+ def scan_status(param)
24
+ r = execute(make_xml('ScanStatusRequest', {'scan-id' => param}))
25
+ r.success ? r.attributes['status'] : nil
26
+ end
27
+
28
+ #----------------------------------------------------------------
29
+ # Resumes a scan.
30
+ #
31
+ # @param scan_id The scan ID.
32
+ # @return Success(0|1) if it exists or null.
33
+ #----------------------------------------------------------------
34
+ def scan_resume(scan_id)
35
+ r = execute(make_xml('ScanResumeRequest', {'scan-id' => scan_id}))
36
+ r.success ? r.attributes['success'] : nil
37
+ end
38
+
39
+
40
+ #----------------------------------------------------------------
41
+ # Pauses a scan.
42
+ #
43
+ # @param scan_id The scan ID.
44
+ # @return Success(0|1) if it exists or null.
45
+ #----------------------------------------------------------------
46
+ def scan_pause(scan_id)
47
+ r = execute(make_xml('ScanPauseRequest',{ 'scan-id' => scan_id}))
48
+ r.success ? r.attributes['success'] : nil
49
+ end
50
+
51
+ def scan_activity
52
+ r = execute(make_xml('ScanActivityRequest', {}))
53
+ if (r.success)
54
+ res = []
55
+ r.res.elements.each("//ScanSummary") do |scan|
56
+ res << {
57
+ :scan_id => scan.attributes['scan-id'].to_i,
58
+ :site_id => scan.attributes['site-id'].to_i,
59
+ :engine_id => scan.attributes['engine-id'].to_i,
60
+ :status => scan.attributes['status'].to_s,
61
+ :start_time => Date.parse(scan.attributes['startTime'].to_s).to_time
62
+ }
63
+ end
64
+ res
65
+ else
66
+ false
67
+ end
68
+ end
69
+
70
+ def scan_statistics(param)
71
+ r = execute(make_xml('ScanStatisticsRequest', {'scan-id' => param}))
72
+ if (r.success)
73
+ res = {}
74
+ r.res.elements.each("//ScanSummary/nodes") do |node|
75
+ res[:nodes] = {}
76
+ node.attributes.keys.each do |k|
77
+ res[:nodes][k] = node.attributes[k].to_i
78
+ end
79
+ end
80
+ r.res.elements.each("//ScanSummary/tasks") do |task|
81
+ res[:task] = {}
82
+ task.attributes.keys.each do |k|
83
+ res[:task][k] = task.attributes[k].to_i
84
+ end
85
+ end
86
+ r.res.elements.each("//ScanSummary/vulnerabilities") do |vuln|
87
+ res[:vulns] ||= {}
88
+ k = vuln.attributes['status'] + (vuln.attributes['severity'] ? ("-" + vuln.attributes['severity']) : '')
89
+ res[:vulns][k] = vuln.attributes['count'].to_i
90
+ end
91
+ r.res.elements.each("//ScanSummary") do |summ|
92
+ res[:summary] = {}
93
+ summ.attributes.keys.each do |k|
94
+ res[:summary][k] = summ.attributes[k]
95
+ if (res[:summary][k] =~ /^\d+$/)
96
+ res[:summary][k] = res[:summary][k].to_i
97
+ end
98
+ end
99
+ end
100
+ r.res.elements.each("//ScanSummary/message") do |message|
101
+ res[:message] = message.text
102
+ end
103
+ res
104
+ else
105
+ false
106
+ end
107
+ end
108
+ end
109
+
110
+ # === Description
111
+ # Object that represents a summary of a scan.
112
+ #
113
+ class ScanSummary
114
+ # The Scan ID of the Scan
115
+ attr_reader :scan_id
116
+ # The Engine ID used to perform the scan
117
+ attr_reader :engine_id
118
+ # TODO: add description
119
+ attr_reader :name
120
+ # The scan start time
121
+ attr_reader :startTime
122
+ # The scan finish time
123
+ attr_reader :endTime
124
+ # The scan status (running|finished|stopped|error| dispatched|paused|aborted|uknown)
125
+ attr_reader :status
126
+ # The number of pending tasks
127
+ attr_reader :tasks_pending
128
+ # The number of active tasks
129
+ attr_reader :tasks_active
130
+ # The number of completed tasks
131
+ attr_reader :tasks_completed
132
+ # The number of "live" nodes
133
+ attr_reader :nodes_live
134
+ # The number of "dead" nodes
135
+ attr_reader :nodes_dead
136
+ # The number of filtered nodes
137
+ attr_reader :nodes_filtered
138
+ # The number of unresolved nodes
139
+ attr_reader :nodes_unresolved
140
+ # The number of "other" nodes
141
+ attr_reader :nodes_other
142
+ # Confirmed vulnerabilities found (indexed by severity)
143
+ # Associative array, indexed by severity
144
+ attr_reader :vuln_exploit
145
+ # Unconfirmed vulnerabilities found (indexed by severity)
146
+ # Associative array, indexed by severity
147
+ attr_reader :vuln_version
148
+ # Not vulnerable checks run (confirmed)
149
+ attr_reader :not_vuln_exploit
150
+ # Not vulnerable checks run (unconfirmed)
151
+ attr_reader :not_vuln_version
152
+ # Vulnerability check errors
153
+ attr_reader :vuln_error
154
+ # Vulnerability checks disabled
155
+ attr_reader :vuln_disabled
156
+ # Vulnerability checks other
157
+ attr_reader :vuln_other
158
+
159
+ # Constructor
160
+ # ScanSummary(can_id, $engine_id, $name, tartTime, $endTime, tatus)
161
+ def initialize(scan_id, engine_id, name, startTime, endTime, status)
162
+
163
+ @scan_id = scan_id
164
+ @engine_id = engine_id
165
+ @name = name
166
+ @startTime = startTime
167
+ @endTime = endTime
168
+ @status = status
169
+
170
+ end
171
+
172
+ end
173
+
174
+ # TODO
175
+ # === Description
176
+ # Object that represents the overview statistics for a particular scan.
177
+ #
178
+ # === Examples
179
+ #
180
+ # # Create a new Nexpose Connection on the default port and Login
181
+ # nsc = Connection.new("10.1.40.10","nxadmin","password")
182
+ # nsc.login()
183
+ #
184
+ # # Get a Site (Site ID = 12) from the NSC
185
+ # site = new Site(nsc,12)
186
+ #
187
+ # # Start a Scan of this site and pause for 1 minute
188
+ # scan1 = site.scanSite()
189
+ # sleep(60)
190
+ #
191
+ # # Get the Scan Statistics for this scan
192
+ # scanStatistics = new ScanStatistics(nsc,scan1["scan_id"])
193
+ #
194
+ # # Print out number of confirmed vulnerabilities with a 10 severity
195
+ # puts scanStatistics.scansummary.vuln_exploit[10]
196
+ #
197
+ # # Print out the number of pending tasks left in the scan
198
+ # puts scanStatistics.scan_summary.tasks_pending
199
+ #
200
+ class ScanStatistics
201
+ # true if an error condition exists; false otherwise
202
+ attr_reader :error
203
+ # Error message string
204
+ attr_reader :error_msg
205
+ # The last XML request sent by this object
206
+ attr_reader :request_xml
207
+ # The last XML response received by this object
208
+ attr_reader :reseponse_xml
209
+ # The Scan ID
210
+ attr_reader :scan_id
211
+ # The ScanSummary of the scan
212
+ attr_reader :scan_summary
213
+ # The NSC Connection associated with this object
214
+ attr_reader :connection
215
+
216
+ # Vulnerability checks other
217
+ attr_reader :vuln_other
218
+
219
+ def initialize(connection, scan_id)
220
+ @error = false
221
+ @connection = connection
222
+ @scan_id = scan_id
223
+ end
224
+ end
225
+
226
+ # TODO add engineID
227
+ # === Description
228
+ # Object that represents the scanning configuration for a Site.
229
+ #
230
+ class ScanConfig
231
+
232
+ def self.parse(xml)
233
+ config = ScanConfig.new(xml.attributes['configID'],
234
+ xml.attributes['name'],
235
+ xml.attributes['templateID'],
236
+ xml.attributes['configVersion'],
237
+ xml.attributes['engineID'])
238
+ xml.elements.each('Schedules/Schedule') do |sched|
239
+ schedule = Schedule.new(sched.attributes['type'],
240
+ sched.attributes['interval'],
241
+ sched.attributes['start'],
242
+ sched.attributes['enabled'])
243
+ config.addSchedule(schedule)
244
+ end
245
+ config
246
+ end
247
+ end
248
+
249
+ # TODO: review
250
+ # <scanFilter scanStop='0' scanFailed='0' scanStart='1'/>
251
+ # === Description
252
+ #
253
+ class ScanFilter
254
+ attr_reader :scanStop
255
+ attr_reader :scanFailed
256
+ attr_reader :scanStart
257
+
258
+ def initialize(scan_stop, scan_failed, scan_start)
259
+ @scanStop = scan_stop
260
+ @scanFailed = scan_failed
261
+ @scanStart = scan_start
262
+ end
263
+ end
264
+ end