RubyGems - nexpose - Versions diffs - 0.7.6 → 0.8.0 - Mend

nexpose 0.7.6 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4489a1cf24aae595c8e33906c072e337e2e3fe3b
-  data.tar.gz: 43bd09c01a8f777a1da5545f92c5e41da3f6e99e
+  metadata.gz: d3309a3a245d4659e9a7505b030c6b43feb428fc
+  data.tar.gz: 43f7292888199a7d69f8fb83e9a544bafe0e7ad0
 SHA512:
-  metadata.gz: 5bcef060fd7b3b78d811863560bb5bcb3437a75f3b7a2368e0182abc31b2c1ddbb15962e1d55c2fc712d6ce7b4764178d97550328ca6c11ad769567caa7ac41b
-  data.tar.gz: 4ef93a44863abf77d5c51cee2899e0a420b83b633a7f8c7add3d8e76bdadf3363a10908bab6995f343600f37101cef06249f3f5c5421ead06095b8c833c56b25
+  metadata.gz: 5ccba03b85ee4fabdb70d35566aa2c68d818bdb0c54c136c733367c38ee91e347b5010d90790e7cfa5962deee7da10c1bb43ff60e12e36c079b168b79097057c
+  data.tar.gz: 59f1076100d1c251bd497b51ec4eb8b967ea5263f827a04dc4f205127769ef660756975aa0b953c486a3ebd48b9e335c9405c9ce0d8841b838402f873a5e15b7

data/lib/nexpose.rb CHANGED Viewed

@@ -49,6 +49,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 require 'date'
 require 'rexml/document'
+require 'nokogiri'
 require 'net/https'
 require 'net/http'
 require 'uri'

data/lib/nexpose/ajax.rb CHANGED Viewed

@@ -112,7 +112,11 @@ module Nexpose
     # @return [Hash] The parameterized URI.
     def parameterize_uri(uri, parameters)
-      uri = uri.concat(('?').concat(parameters.map { |k, v| "#{k}=#{CGI.escape(v.to_s)}" }.join('&'))) unless Hash(parameters).empty?
+      params = Hash.try_convert(parameters)
+      unless params.nil? || params.empty?
+        uri = uri.concat(('?').concat(parameters.map { |k, v| "#{k}=#{CGI.escape(v.to_s)}" }.join('&')))
+      end
+      uri
     end
     ###

data/lib/nexpose/filter.rb CHANGED Viewed

@@ -362,7 +362,7 @@ module Nexpose
       @vuln_count = json['vulnCount'].to_i
       @risk_score = json['riskScore'].to_f
       @site_id = json['siteID']
-      @last_scan = Time.at(json['lastScanDate'] / 1000)
+      @last_scan = Time.at(json['lastScanDate'].to_i / 1000)
     end
   end
 end

data/lib/nexpose/report.rb CHANGED Viewed

@@ -223,6 +223,7 @@ module Nexpose
     end
     include XMLUtils
+    include HTMLUtils
     # Generate a report once using a simple configuration.
     #
@@ -252,8 +253,10 @@ module Nexpose
           doc.parts.each do |part|
             if /.*base64.*/ =~ part.header.to_s
               if @format =~ /(?:ht|x)ml/
-                if part.header.to_s =~ %r(text/(?:ht|x)ml)
+                if part.header.to_s =~ %r(text/xml)
                   return parse_xml(part.content.unpack('m*')[0]).to_s
+                elsif part.header.to_s =~ %r(text/html)
+                  return parse_html(part.content.unpack('m*')[0]).to_s
                 end
               else # text|pdf|csv|rtf
                 return part.content.unpack('m*')[0]

data/lib/nexpose/role.rb CHANGED Viewed

@@ -23,6 +23,7 @@ module Nexpose
       ADD_USERS_TO_GROUP = 'AddUsersToGroup'
       ADD_USERS_TO_REPORT = 'AddUsersToReport'
       MANAGE_POLICIES = 'ManagePolicies'
+      MANAGE_TAGS = 'ManageTags'
     end
     module Site

data/lib/nexpose/util.rb CHANGED Viewed

@@ -6,6 +6,12 @@ module Nexpose
     end
   end
+  module HTMLUtils
+    def parse_html(html)
+      Nokogiri::HTML(html, nil, 'UTF-8')
+    end
+  end
   module XMLUtils
     def parse_xml(xml)

data/lib/nexpose/vuln.rb CHANGED Viewed

@@ -76,9 +76,7 @@ module Nexpose
     # @return [Array[VulnCheck]] List of matching Vulnerability Checks.
     #
     def find_vuln_check(search_term, partial_words = true, all_words = true)
-      uri = "/ajax/vulnck_synopsis.txml?phrase=#{URI.encode(search_term)}"
-      uri += '&wholeWords=1' unless partial_words
-      uri += '&allWords=1' if all_words
+      uri = "/data/vulnerability/vulnerabilities/dyntable.xml?tableID=VulnCheckSynopsis&phrase=#{URI.encode(search_term)}&allWords=#{all_words}"
       data = DataTable._get_dyn_table(self, uri)
       data.map do |vuln|
         VulnCheck.new(vuln)

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nexpose
 version: !ruby/object:Gem::Version
-  version: 0.7.6
+  version: 0.8.0
 platform: ruby
 authors:
 - HD Moore
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-06-11 00:00:00.000000000 Z
+date: 2014-06-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: librex
@@ -52,6 +52,26 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.0.2
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.6.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.6.2
 description: This gem provides a Ruby API to the Nexpose vulnerability management
   product by Rapid7.
 email: