nexpose 0.5.0 → 0.5.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 096649e7275b4dd061fab3b7331e93f66fdec709
-  data.tar.gz: 483e8f15738e9b4297a702ee07c78b9f75381f6a
+  metadata.gz: 584499f88ee81a2448cdfeb678b7c3558547af44
+  data.tar.gz: 12b0b5b05463523515453d095dd4aa68fd5c989c
 SHA512:
-  metadata.gz: 368763434ec2b93e957cbf596b36eeeddad7728170234dee6eaa72155e30f11d3826bc7503e22952005f2f10b6bc9cce0ad39769355cd1aeff59082d107db335
-  data.tar.gz: a02679981f17023624c99887fd2c9677678c6e1148a302c0aa7e0b1ce17c292bad83810c6a56da2e4614853fd009702a740f5d87fb41eb935a18359592a233ad
+  metadata.gz: d91c67f78e7e1201b254d0ca9028697da033aea3e736a490462a24acebbbf8736b758f28e721baadc31b888585e79eaff8dc2d92a68b0fce0bec6f31905843c5
+  data.tar.gz: 6d03e8f451ba644ce2779e98712e9acb488438a028ebd7ccf717dec7a93c52dd8179425f73bfd5b5337e71f4ba0211cfd27574c61f4fef9ab40cfdb95320add9

data/lib/nexpose.rb

@@ -62,6 +62,7 @@ require 'nexpose/ajax'
 require 'nexpose/api_request'
 require 'nexpose/common'
 require 'nexpose/creds'
+require 'nexpose/shared_cred'
 require 'nexpose/data_table'
 require 'nexpose/device'
 require 'nexpose/engine'

data/lib/nexpose/common.rb

@@ -143,5 +143,16 @@ module Nexpose
       schedule.repeater_type = xml.attributes['repeaterType'] if xml.attributes['repeaterType']
       schedule
     end
+
+    # Recurring schedule type constants. These are all the possible values which
+    # may be used to create a Schedule.
+    #
+    module Type
+      DAILY = 'daily'
+      HOURLY = 'hourly'
+      WEEKLY = 'weekly'
+      MONTHLY_DATE = 'monthly-date'
+      MONTHLY_DAY = 'monthly-day'
+    end
   end
 end

data/lib/nexpose/creds.rb

@@ -54,6 +54,15 @@ module Nexpose
       @priv_password = password
     end
 
+    def self.parse(xml)
+      cred = new
+      cred.service = xml.attributes['service']
+      cred.host = xml.attributes['host']
+      cred.port = xml.attributes['port']
+      cred.blob = xml.get_text
+      cred
+    end
+
     def to_xml
       to_xml_elem.to_s
     end
@@ -91,6 +100,60 @@ module Nexpose
     def hash
       to_xml.hash
     end
+
+    # Credential type options.
+    #
+    module Type
+
+      # Concurrent Versioning System (CVS)
+      CVS = 'cvs'
+      # File Transfer Protocol (FTP)
+      FTP = 'ftp'
+      # Web Site HTTP Authentication
+      HTTP = 'http'
+      # IBM AS/400
+      AS400 = 'as400'
+      # Lotus Notes/Domino
+      NOTES = 'notes'
+      # Microsoft SQL Server
+      TDS = 'tds'
+      # Sybase SQL Server
+      SYBASE = 'sybase'
+      # Microsoft Windows/Samba (SMB/CIFS)
+      CIFS = 'cifs'
+      # Microsoft Windows/Samba LM/NTLM Hash (SMB/CIFS)
+      CIFSHASH = 'cifshash'
+      # Oracle
+      ORACLE = 'oracle'
+      # Post Office Protocol (POP)
+      POP = 'pop'
+      # PostgreSQL
+      POSTGRESQL = 'postgresql'
+      # Remote Execution
+      REMOTE_EXECUTION = 'remote execution'
+      # Simple Network Management Protocol
+      SNMP = 'snmp'
+      # Secure Shell (SSH)
+      SSH = 'ssh'
+      # Secure Shell (SSH) Public Key
+      SSH_KEY = 'ssh-key'
+      # TELNET
+      TELNET = 'telnet'
+      # MySQL Server
+      MYSQL = 'mysql'
+      # DB2
+      DB2 = 'db2'
+    end
+
+    # Permission Elevation Types
+    #
+    module ElevationType
+
+      NONE = 'NONE'
+      SUDO = 'SUDO'
+      SUDOSU = 'SUDOSU'
+      SU = 'SU'
+    end
   end
 
   # Object that represents Header name-value pairs, associated with Web Session Authentication.

data/lib/nexpose/scan.rb

@@ -152,7 +152,7 @@ module Nexpose
     # Retrieve the status of a scan.
     #
     # @param [Fixnum] scan_id The scan ID.
-    # @return [String] Current status of the scan.
+    # @return [String] Current status of the scan. See Nexpose::Scan::Status.
     #
     def scan_status(scan_id)
       r = execute(make_xml('ScanStatusRequest', { 'scan-id' => scan_id }))
@@ -425,5 +425,19 @@ module Nexpose
                    scan.attributes['engine-id'].to_i)
       end
     end
+
+    # Scan status constants. These are all the possible values which may be
+    # returned by a #scan_status call.
+    #
+    module Status
+      RUNNING = 'running'
+      FINISHED = 'finished'
+      ABORTED = 'aborted'
+      STOPPED = 'stopped'
+      ERROR = 'error'
+      PAUSED = 'paused'
+      DISPATCHED = 'dispatched'
+      UNKNOWN = 'unknown'
+    end
   end
 end

data/lib/nexpose/shared_cred.rb

@@ -0,0 +1,209 @@
+module Nexpose
+
+  module NexposeAPI
+
+    def list_shared_credentials
+      creds = DataTable._get_json_table(self,
+                                   '/data/credential/shared/listing',
+                                   { 'sort' => -1,
+                                     'table-id' => 'credential-listing' })
+      creds.map { |c| SharedCredentialSummary.from_json(c) }
+    end
+
+    alias_method :list_shared_creds, :list_shared_credentials
+    alias_method :shared_credentials, :list_shared_credentials
+    alias_method :shared_creds, :list_shared_credentials
+
+    def delete_shared_credential(id)
+      AJAX.post(self, "/data/credential/shared/delete?credid=#{id}")
+    end
+
+    alias_method :delete_shared_cred, :delete_shared_credential
+  end
+
+  class SharedCredentialSummary
+
+    # Unique ID assigned to this credential by Nexpose.
+    attr_accessor :id
+    # Name to identify this credential.
+    attr_accessor :name
+    # The credential type. See Nexpose::Credential::Type.
+    attr_accessor :type
+    # Domain or realm.
+    attr_accessor :domain
+    # User name.
+    attr_accessor :username
+    # User name to use when elevating permissions (e.g., sudo).
+    attr_accessor :privilege_username
+    # Boolean to indicate whether this credential applies to all sites.
+    attr_accessor :all_sites
+    # When this credential was last modified.
+    attr_accessor :last_modified
+
+    def self.from_json(json)
+      cred = new
+      cred.id = json['credentialID']['ID']
+      cred.name = json['name']
+      cred.type = json['service']
+      cred.domain = json['domain']
+      cred.username = json['username']
+      cred.privilege_username = json['privilegeElevationUsername']
+      cred.all_sites = json['scope'] == 'ALL_SITES_ENABLED_DEFAULT'
+      cred.last_modified = Time.at(json['lastModified']['time'] / 1000)
+      cred
+    end
+
+    # Delete this credential from the security console.
+    #
+    # @param [Connection] nsc An active connection to the security console.
+    #
+    def delete(nsc)
+      nsc.delete_shared_credential(@id)
+    end
+  end
+
+  class SharedCredential < SharedCredentialSummary
+
+    # Optional description of this credential.
+    attr_accessor :description
+
+    # Database or SID.
+    attr_accessor :database
+    # Windows/Samba LM/NTLM Hash.
+    attr_accessor :ntlm_hash
+    # Password or SNMP community name.
+    attr_accessor :password
+    # PEM-format private key.
+    attr_accessor :pem_key
+    # Password to use when elevating permissions (e.g., sudo).
+    attr_accessor :privilege_password
+    # Permission elevation type. See Nexpose::Credential::ElevationType.
+    attr_accessor :privilege_type
+
+    # IP address or host name to restrict this credential to.
+    attr_accessor :host
+    # Single port to restrict this credential to.
+    attr_accessor :port
+
+    # Array of site IDs that this credential is restricted to.
+    attr_accessor :sites
+    # Array of sites where this credential has been temporarily disabled.
+    attr_accessor :disabled
+
+    def initialize(name, id = -1)
+      @name, @id = name, id.to_i
+      @sites = []
+      @disabled = []
+    end
+
+    def self.load(nsc, id)
+      response = AJAX.get(nsc, "/data/credential/shared/get?credid=#{id}")
+      parse(response)
+    end
+
+    # Save this credential to the security console.
+    #
+    # @param [Connection] nsc An active connection to a Nexpose console.
+    # @return [Boolean] Whether the save succeeded.
+    #
+    def save(nsc)
+      response = AJAX.post(nsc, '/data/credential/shared/save', to_xml)
+      !!(response =~ /success="1"/)
+    end
+
+    def to_xml
+      xml = '<Credential '
+      xml << %( id="#{@id}">)
+
+      xml << %(<Name>#{@name}</Name>)
+      xml << %(<Description>#{@description}</Description>)
+
+      xml << %(<Services><Service type="#{@type}"></Service></Services>)
+
+      xml << '<Account type="nexpose">'
+      xml << %(<Field name="database">#{@database}</Field>)
+      xml << %(<Field name="domain">#{@domain}</Field>)
+      xml << %(<Field name="username">#{@username}</Field>)
+      xml << %(<Field name="ntlmhash">#{@ntlm_hash}</Field>) if @ntlm_hash
+      xml << %(<Field name="password">#{@password}</Field>) if @password
+      xml << %(<Field name="pemkey">#{@pem_key}</Field>) if @pem_key
+      xml << %(<Field name="privilegeelevationusername">#{@privilege_username}</Field>)
+      xml << %(<Field name="privilegeelevationpassword">#{@privilege_password}</Field>) if @privilege_password
+      xml << %(<Field name="privilegeelevationtype">#{@privilege_type}</Field>) if @privilege_type
+      xml << '</Account>'
+
+      xml << '<Restrictions>'
+      xml << %(<Restriction type="host">#{@host}</Restriction>) if @host
+      xml << %(<Restriction type="port">#{@port}</Restriction>) if @port
+      xml << '</Restrictions>'
+
+      xml << %(<Sites all="#{@all_sites ? 1 : 0}">)
+      @sites.each do |site|
+        xml << %(<Site id="#{site}")
+        xml << ' enabled="0"' if @disabled.member? site
+        xml << '></Site>'
+      end
+      if @sites.empty?
+        @disabled.each do |site|
+          xml << %(<Site id="#{site}" enabled="0"></Site>)
+        end
+      end
+      xml << '</Sites>'
+
+      xml << '</Credential>'
+    end
+
+    def self.parse(xml)
+      rexml = REXML::Document.new(xml)
+      rexml.elements.each('Credential') do |c|
+        cred = new(c.elements['Name'].text, c.attributes['id'].to_i)
+
+        desc = c.elements['Description']
+        cred.description = desc.text if desc
+
+        c.elements.each('Account/Field') do |field|
+          case field.attributes['name']
+          when 'database'
+            cred.database = field.text
+          when 'domain'
+            cred.domain = field.text
+          when 'username'
+            cred.username = field.text
+          when 'password'
+            cred.password = field.text
+          when 'ntlmhash'
+            cred.ntlm_hash = field.text
+          when 'pemkey'
+            cred.pem_key = field.text
+          when 'privilegeelevationusername'
+            cred.privilege_username = field.text
+          when 'privilegeelevationpassword'
+            cred.privilege_password = field.text
+          when 'privilegeelevationtype'
+            cred.privilege_type = field.text
+          end
+        end
+
+        service = REXML::XPath.first(c, 'Services/Service')
+        cred.type = service.attributes['type']
+
+        c.elements.each('Restrictions/Restriction') do |r|
+          cred.host = r.text if r.attributes['type'] == 'host'
+          cred.port = r.text.to_i if r.attributes['type'] == 'port'
+        end
+
+        sites = REXML::XPath.first(c, 'Sites')
+        cred.all_sites = sites.attributes['all'] == '1'
+
+        sites.elements.each('Site') do |site|
+          site_id = site.attributes['id'].to_i
+          cred.sites << site_id unless cred.all_sites
+          cred.disabled << site_id if site.attributes['enabled'] == '0'
+        end
+
+        return cred
+      end
+      nil
+    end
+  end
+end

data/lib/nexpose/site.rb

@@ -101,7 +101,8 @@ module Nexpose
     # The risk factor associated with this site. Default: 1.0
     attr_accessor :risk_factor
 
-    # [Array] Collection of credentials associated with this site.
+    # [Array] Collection of credentials associated with this site. Does not
+    # include shared credentials.
     attr_accessor :credentials
 
     # [Array] Collection of real-time alerts.
@@ -321,11 +322,8 @@ module Nexpose
           site.exclude << HostName.new(host.text)
         end
 
-        s.elements.each('Credentials/adminCredentials') do |credconf|
-          cred = Credential.new
-          cred.service = credconf.attributes['service']
-          cred.set_blob(credconf.get_text)
-          site.credentials << cred
+        s.elements.each('Credentials/adminCredentials') do |cred|
+          site.credentials << Credential.parse(cred)
         end
 
         s.elements.each('ScanConfig') do |scan_config|

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nexpose
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.5.1
 platform: ruby
 authors:
 - HD Moore
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-09-12 00:00:00.000000000 Z
+date: 2013-09-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: librex
@@ -78,6 +78,7 @@ files:
 - lib/nexpose/alert.rb
 - lib/nexpose/silo.rb
 - lib/nexpose/vuln_exception.rb
+- lib/nexpose/shared_cred.rb
 - lib/nexpose/user.rb
 - lib/nexpose/tags
 - lib/nexpose/connection.rb