nexpose 0.2.6 → 0.2.7

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 50b3a4ea395acfdb69e8cc0293d403b9cd53eccc
4
- data.tar.gz: b9e88228bbb4ff2b6a77718654f73582284328c7
3
+ metadata.gz: 3f12897628d1710af3338cb1dd054b486bdf6366
4
+ data.tar.gz: 9791475b4e43ad471b8d540bda2f9bc02e7b8de3
5
5
  SHA512:
6
- metadata.gz: cc964a92ba088913a9e17b9c037282faaa545bd2cce65ef42f6bda1191b5fd4bc72872bccd1f225d6a2cef6fb3835fbe44c00a4bf6fe1d10b373bd7c26c8e03b
7
- data.tar.gz: 3eca493933ccd66545cc95684d48d57fe9cd7251eaa1794cdec5a642d13ebccd2e40a9af678929656c39adda898b579672de00ad28077166c681101684187b3b
6
+ metadata.gz: 30abfc67f83742aba0c41f5b5289926dd9d3807680f8fc91cb8bda182db63706ab2ebd34259bf61d99466f0d8a204ba4f67ecd75d8926a95f132352a057e9e52
7
+ data.tar.gz: a6965ad2a9c31df45eef1efcc563bfa6fe9f7590716e5c5d6a3f70b71ed1be8ad6facffbde4d50b523ebb4582b44edc4f3c9fbd90e98e2acebff074245721e83
@@ -110,9 +110,6 @@ module Nexpose
110
110
  # The date after which the schedule is disabled, in ISO 8601 format.
111
111
  attr_accessor :not_valid_after
112
112
 
113
- # --
114
- # TODO These are not captured or put to XML.
115
- # ++
116
113
  attr_accessor :incremental
117
114
  attr_accessor :repeater_type
118
115
 
@@ -127,20 +124,23 @@ module Nexpose
127
124
  xml = %Q{<Schedule enabled='#{@enabled ? 1 : 0}' type='#{@type}' interval='#{@interval}' start='#{@start}'}
128
125
  xml << %Q{ maxDuration='#@max_duration'} if @max_duration
129
126
  xml << %Q{ notValidAfter='#@not_valid_after'} if @not_valid_after
127
+ xml << %Q{ incremental='#{@incremental ? 1 : 0}'} if @incremental
128
+ xml << %Q{ repeaterType='#@repeater_type'} if @repeater_type
130
129
  xml << '/>'
131
130
  end
132
131
 
133
132
  def self.parse(xml)
134
- xml.elements.each('//Schedule') do |sched|
135
- schedule = Schedule.new(sched.attributes['type'],
136
- sched.attributes['interval'].to_i,
137
- sched.attributes['start'],
138
- sched.attributes['enabled'] || true)
139
- # Optional parameters.
140
- schedule.max_duration = sched.attributes['maxDuration'].to_i if sched.attributes['maxDuration']
141
- schedule.not_valid_after = sched.attributes['notValidAfter'] if sched.attributes['notValidAfter']
142
- return schedule
143
- end
133
+ schedule = Schedule.new(xml.attributes['type'],
134
+ xml.attributes['interval'].to_i,
135
+ xml.attributes['start'],
136
+ xml.attributes['enabled'] != '0')
137
+
138
+ # Optional parameters.
139
+ schedule.max_duration = xml.attributes['maxDuration'].to_i if xml.attributes['maxDuration']
140
+ schedule.not_valid_after = xml.attributes['notValidAfter'] if xml.attributes['notValidAfter']
141
+ schedule.incremental = (xml.attributes['incremental'] && xml.attributes['incremental'] == '1')
142
+ schedule.repeater_type = xml.attributes['repeaterType'] if xml.attributes['repeaterType']
143
+ schedule
144
144
  end
145
145
  end
146
146
  end
@@ -1,16 +1,20 @@
1
1
  module Nexpose
2
+
3
+ # NexposeAPI module is mixed into the Connection object, and all methods are
4
+ # expected to be called from there.
5
+ #
2
6
  module NexposeAPI
3
7
  include XMLUtils
4
8
 
5
9
  # Generate a new report using the specified report definition.
6
10
  def generate_report(report_id, wait = false)
7
- xml = make_xml('ReportGenerateRequest', {'report-id' => report_id})
11
+ xml = make_xml('ReportGenerateRequest', { 'report-id' => report_id })
8
12
  response = execute(xml)
9
13
  if response.success
10
14
  response.res.elements.each('//ReportSummary') do |summary|
11
15
  summary = ReportSummary.parse(summary)
12
16
  # If not waiting or the report is finished, return now.
13
- return summary unless wait and summary.status == 'Started'
17
+ return summary unless wait && summary.status == 'Started'
14
18
  end
15
19
  end
16
20
  so_far = 0
@@ -29,11 +33,11 @@ module Nexpose
29
33
  # Provide a history of all reports generated with the specified report
30
34
  # definition.
31
35
  def report_history(report_config_id)
32
- xml = make_xml('ReportHistoryRequest', {'reportcfg-id' => report_config_id})
36
+ xml = make_xml('ReportHistoryRequest', { 'reportcfg-id' => report_config_id })
33
37
  ReportSummary.parse_all(execute(xml))
34
38
  end
35
39
 
36
- # Get the details of the last report generated with the specified report id.
40
+ # Get details of the last report generated with the specified report id.
37
41
  def last_report(report_config_id)
38
42
  history = report_history(report_config_id)
39
43
  history.sort { |a, b| b.generated_on <=> a.generated_on }.first
@@ -42,13 +46,13 @@ module Nexpose
42
46
  # Delete a previously generated report definition.
43
47
  # Also deletes any reports generated from that configuration.
44
48
  def delete_report_config(report_config_id)
45
- xml = make_xml('ReportDeleteRequest', {'reportcfg-id' => report_config_id})
49
+ xml = make_xml('ReportDeleteRequest', { 'reportcfg-id' => report_config_id })
46
50
  execute(xml).success
47
51
  end
48
52
 
49
53
  # Delete a previously generated report.
50
54
  def delete_report(report_id)
51
- xml = make_xml('ReportDeleteRequest', {'report-id' => report_id})
55
+ xml = make_xml('ReportDeleteRequest', { 'report-id' => report_id })
52
56
  execute(xml).success
53
57
  end
54
58
 
@@ -69,14 +73,14 @@ module Nexpose
69
73
 
70
74
  # Retrieve the configuration for a report template.
71
75
  def get_report_template(template_id)
72
- xml = make_xml('ReportTemplateConfigRequest', {'template-id' => template_id})
76
+ xml = make_xml('ReportTemplateConfigRequest', { 'template-id' => template_id })
73
77
  ReportTemplate.parse(execute(xml))
74
78
  end
75
79
 
76
80
  # Provide a listing of all report definitions the user can access on the
77
81
  # Security Console.
78
82
  def report_listing
79
- r = execute(make_xml('ReportListingRequest', {}))
83
+ r = execute(make_xml('ReportListingRequest'))
80
84
  reports = []
81
85
  if r.success
82
86
  r.res.elements.each('//ReportConfigSummary') do |report|
@@ -90,7 +94,7 @@ module Nexpose
90
94
 
91
95
  # Retrieve the configuration for a report definition.
92
96
  def get_report_config(report_config_id)
93
- xml = make_xml('ReportConfigRequest', {'reportcfg-id' => report_config_id})
97
+ xml = make_xml('ReportConfigRequest', { 'reportcfg-id' => report_config_id })
94
98
  ReportConfig.parse(execute(xml))
95
99
  end
96
100
  end
@@ -160,7 +164,11 @@ module Nexpose
160
164
  end
161
165
 
162
166
  def self.parse(xml)
163
- ReportSummary.new(xml.attributes['id'], xml.attributes['cfg-id'], xml.attributes['status'], xml.attributes['generated-on'], xml.attributes['report-URI'])
167
+ ReportSummary.new(xml.attributes['id'],
168
+ xml.attributes['cfg-id'],
169
+ xml.attributes['status'],
170
+ xml.attributes['generated-on'],
171
+ xml.attributes['report-URI'])
164
172
  end
165
173
 
166
174
  def self.parse_all(response)
@@ -229,7 +237,7 @@ module Nexpose
229
237
  include XMLUtils
230
238
 
231
239
  # Generate a report once using a simple configuration.
232
- #
240
+ #
233
241
  # For XML-based reports, only the raw report is returned and not any images.
234
242
  #
235
243
  # @param [Connection] connection Nexpose connection.
@@ -255,7 +263,7 @@ module Nexpose
255
263
  if /.*base64.*/ =~ part.header.to_s
256
264
  if @format =~ /(?:ht|x)ml/
257
265
  if part.header.to_s =~ %r(text/(?:ht|x)ml)
258
- return parse_xml(part.content.unpack("m*")[0]).to_s
266
+ return parse_xml(part.content.unpack('m*')[0]).to_s
259
267
  end
260
268
  else # text|pdf|csv|rtf
261
269
  return part.content.unpack('m*')[0]
@@ -280,7 +288,7 @@ module Nexpose
280
288
  # Array of user IDs which have access to resulting reports.
281
289
  attr_accessor :users
282
290
  # Configuration of when a report is generated.
283
- attr_accessor :generate
291
+ attr_accessor :frequency
284
292
  # Report delivery configuration.
285
293
  attr_accessor :delivery
286
294
  # Database export configuration.
@@ -313,7 +321,7 @@ module Nexpose
313
321
  def self.build(connection, site_id, site_name, type, format, generate_now = false)
314
322
  name = %Q{#{site_name} #{type} report in #{format}}
315
323
  config = ReportConfig.new(name, type, format)
316
- config.generate = Generate.new(true, false)
324
+ config.frequency = Frequency.new(true, false)
317
325
  config.filters << Filter.new('site', site_id)
318
326
  config.save(connection, generate_now)
319
327
  config
@@ -355,7 +363,7 @@ module Nexpose
355
363
  xml << '</Users>'
356
364
 
357
365
  xml << %Q{<Baseline compareTo='#{@baseline}' />} if @baseline
358
- xml << @generate.to_xml if @generate
366
+ xml << @frequency.to_xml if @frequency
359
367
  xml << @delivery.to_xml if @delivery
360
368
  xml << @db_export.to_xml if @db_export
361
369
 
@@ -385,7 +393,7 @@ module Nexpose
385
393
  config.baseline = baseline.attributes['compareTo']
386
394
  end
387
395
 
388
- config.generate = Generate.parse(cfg)
396
+ config.frequency = Frequency.parse(cfg)
389
397
  config.delivery = Delivery.parse(cfg)
390
398
  config.db_export = DBExport.parse(cfg)
391
399
 
@@ -435,9 +443,9 @@ module Nexpose
435
443
  end
436
444
 
437
445
  # Data object associated with when a report is generated.
438
- class Generate
446
+ class Frequency
439
447
  # Will the report be generated after a scan completes (true),
440
- # or is it ad-hoc/scheduled (false).
448
+ # or is it ad hoc/scheduled (false).
441
449
  attr_accessor :after_scan
442
450
  # Whether or not a scan is scheduled.
443
451
  attr_accessor :scheduled
@@ -459,13 +467,15 @@ module Nexpose
459
467
  def self.parse(xml)
460
468
  xml.elements.each('//Generate') do |generate|
461
469
  if generate.attributes['after-scan'] == '1'
462
- return Generate.new(true, false)
470
+ return Frequency.new(true, false)
463
471
  else
464
472
  if generate.attributes['schedule'] == '1'
465
- schedule = Schedule.parse(xml)
466
- return Generate.new(false, true, schedule)
473
+ generate.elements.each('Schedule') do |sched|
474
+ schedule = Schedule.parse(sched)
475
+ return Frequency.new(false, true, schedule)
476
+ end
467
477
  end
468
- return Generate.new(false, false)
478
+ return Frequency.new(false, false)
469
479
  end
470
480
  end
471
481
  nil
data/lib/nexpose/site.rb CHANGED
@@ -358,8 +358,8 @@ module Nexpose
358
358
  xml << %Q(<ScanConfig configID="#{@id}" name="#{@scan_template_name || @scan_template}" templateID="#{@scan_template}" configVersion="#{@config_version || 3}" engineID="#{@engine}">)
359
359
 
360
360
  xml << '<Schedules>'
361
- @schedules.each do |sched|
362
- xml << %Q{<Schedule enabled="#{sched.enabled ? 1 : 0}" type="#{sched.type}" interval="#{sched.interval}" start="#{sched.start}" />}
361
+ @schedules.each do |schedule|
362
+ xml << schedule.to_xml
363
363
  end
364
364
  xml << '</Schedules>'
365
365
  xml << '</ScanConfig>'
@@ -405,12 +405,8 @@ module Nexpose
405
405
  site.scan_template = scan_config.attributes['templateID']
406
406
  site.config_version = scan_config.attributes['configVersion'].to_i
407
407
  site.engine = scan_config.attributes['engineID'].to_i
408
- scan_config.elements.each('Schedules/Schedule') do |sched|
409
- schedule = Schedule.new(sched.attributes['type'],
410
- sched.attributes['interval'],
411
- sched.attributes['start'],
412
- sched.attributes['enabled'])
413
- site.schedules << schedule
408
+ scan_config.elements.each('Schedules/Schedule') do |schedule|
409
+ site.schedules << Schedule.parse(schedule)
414
410
  end
415
411
  end
416
412
 
data/lib/nexpose/util.rb CHANGED
@@ -11,7 +11,7 @@ module Nexpose
11
11
  ::REXML::Document.new(xml.to_s)
12
12
  end
13
13
 
14
- def make_xml(name, opts={}, data='', append_session_id=true)
14
+ def make_xml(name, opts = {}, data = '', append_session_id = true)
15
15
  xml = REXML::Element.new(name)
16
16
  if @session_id and append_session_id
17
17
  xml.attributes['session-id'] = @session_id
data/lib/nexpose/vuln.rb CHANGED
@@ -458,14 +458,13 @@ module Nexpose
458
458
  end
459
459
 
460
460
  expiration_date = input[:expiration_date]
461
- if expiration_date && !expiration_date.empty? && expiration_date =~ /\A\desc{4}-(\desc{2})-(\desc{2})\z/
461
+ if expiration_date && !expiration_date.empty? && expiration_date =~ /\A\d{4}-(\d{2})-(\d{2})\z/
462
462
  if $1.to_i > 12
463
463
  raise ArgumentError.new 'The expiration date month value is invalid'
464
464
  end
465
-
466
- if $2.to_i > 31
467
- raise ArgumentError.new 'The expiration date day value is invalid'
468
- end
465
+ if $2.to_i > 31
466
+ raise ArgumentError.new 'The expiration date day value is invalid'
467
+ end
469
468
  else
470
469
  raise ArgumentError.new 'Expiration date is invalid'
471
470
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nexpose
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.6
4
+ version: 0.2.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - HD Moore
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2013-06-10 00:00:00.000000000 Z
13
+ date: 2013-07-02 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: librex