nexpose 0.7.6 → 0.8.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4489a1cf24aae595c8e33906c072e337e2e3fe3b
4
- data.tar.gz: 43bd09c01a8f777a1da5545f92c5e41da3f6e99e
3
+ metadata.gz: d3309a3a245d4659e9a7505b030c6b43feb428fc
4
+ data.tar.gz: 43f7292888199a7d69f8fb83e9a544bafe0e7ad0
5
5
  SHA512:
6
- metadata.gz: 5bcef060fd7b3b78d811863560bb5bcb3437a75f3b7a2368e0182abc31b2c1ddbb15962e1d55c2fc712d6ce7b4764178d97550328ca6c11ad769567caa7ac41b
7
- data.tar.gz: 4ef93a44863abf77d5c51cee2899e0a420b83b633a7f8c7add3d8e76bdadf3363a10908bab6995f343600f37101cef06249f3f5c5421ead06095b8c833c56b25
6
+ metadata.gz: 5ccba03b85ee4fabdb70d35566aa2c68d818bdb0c54c136c733367c38ee91e347b5010d90790e7cfa5962deee7da10c1bb43ff60e12e36c079b168b79097057c
7
+ data.tar.gz: 59f1076100d1c251bd497b51ec4eb8b967ea5263f827a04dc4f205127769ef660756975aa0b953c486a3ebd48b9e335c9405c9ce0d8841b838402f873a5e15b7
data/lib/nexpose.rb CHANGED
@@ -49,6 +49,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
49
49
 
50
50
  require 'date'
51
51
  require 'rexml/document'
52
+ require 'nokogiri'
52
53
  require 'net/https'
53
54
  require 'net/http'
54
55
  require 'uri'
data/lib/nexpose/ajax.rb CHANGED
@@ -112,7 +112,11 @@ module Nexpose
112
112
  # @return [Hash] The parameterized URI.
113
113
 
114
114
  def parameterize_uri(uri, parameters)
115
- uri = uri.concat(('?').concat(parameters.map { |k, v| "#{k}=#{CGI.escape(v.to_s)}" }.join('&'))) unless Hash(parameters).empty?
115
+ params = Hash.try_convert(parameters)
116
+ unless params.nil? || params.empty?
117
+ uri = uri.concat(('?').concat(parameters.map { |k, v| "#{k}=#{CGI.escape(v.to_s)}" }.join('&')))
118
+ end
119
+ uri
116
120
  end
117
121
 
118
122
  ###
@@ -362,7 +362,7 @@ module Nexpose
362
362
  @vuln_count = json['vulnCount'].to_i
363
363
  @risk_score = json['riskScore'].to_f
364
364
  @site_id = json['siteID']
365
- @last_scan = Time.at(json['lastScanDate'] / 1000)
365
+ @last_scan = Time.at(json['lastScanDate'].to_i / 1000)
366
366
  end
367
367
  end
368
368
  end
@@ -223,6 +223,7 @@ module Nexpose
223
223
  end
224
224
 
225
225
  include XMLUtils
226
+ include HTMLUtils
226
227
 
227
228
  # Generate a report once using a simple configuration.
228
229
  #
@@ -252,8 +253,10 @@ module Nexpose
252
253
  doc.parts.each do |part|
253
254
  if /.*base64.*/ =~ part.header.to_s
254
255
  if @format =~ /(?:ht|x)ml/
255
- if part.header.to_s =~ %r(text/(?:ht|x)ml)
256
+ if part.header.to_s =~ %r(text/xml)
256
257
  return parse_xml(part.content.unpack('m*')[0]).to_s
258
+ elsif part.header.to_s =~ %r(text/html)
259
+ return parse_html(part.content.unpack('m*')[0]).to_s
257
260
  end
258
261
  else # text|pdf|csv|rtf
259
262
  return part.content.unpack('m*')[0]
data/lib/nexpose/role.rb CHANGED
@@ -23,6 +23,7 @@ module Nexpose
23
23
  ADD_USERS_TO_GROUP = 'AddUsersToGroup'
24
24
  ADD_USERS_TO_REPORT = 'AddUsersToReport'
25
25
  MANAGE_POLICIES = 'ManagePolicies'
26
+ MANAGE_TAGS = 'ManageTags'
26
27
  end
27
28
 
28
29
  module Site
data/lib/nexpose/util.rb CHANGED
@@ -6,6 +6,12 @@ module Nexpose
6
6
  end
7
7
  end
8
8
 
9
+ module HTMLUtils
10
+ def parse_html(html)
11
+ Nokogiri::HTML(html, nil, 'UTF-8')
12
+ end
13
+ end
14
+
9
15
  module XMLUtils
10
16
 
11
17
  def parse_xml(xml)
data/lib/nexpose/vuln.rb CHANGED
@@ -76,9 +76,7 @@ module Nexpose
76
76
  # @return [Array[VulnCheck]] List of matching Vulnerability Checks.
77
77
  #
78
78
  def find_vuln_check(search_term, partial_words = true, all_words = true)
79
- uri = "/ajax/vulnck_synopsis.txml?phrase=#{URI.encode(search_term)}"
80
- uri += '&wholeWords=1' unless partial_words
81
- uri += '&allWords=1' if all_words
79
+ uri = "/data/vulnerability/vulnerabilities/dyntable.xml?tableID=VulnCheckSynopsis&phrase=#{URI.encode(search_term)}&allWords=#{all_words}"
82
80
  data = DataTable._get_dyn_table(self, uri)
83
81
  data.map do |vuln|
84
82
  VulnCheck.new(vuln)
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nexpose
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.6
4
+ version: 0.8.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - HD Moore
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2014-06-11 00:00:00.000000000 Z
13
+ date: 2014-06-18 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: librex
@@ -52,6 +52,26 @@ dependencies:
52
52
  - - ">="
53
53
  - !ruby/object:Gem::Version
54
54
  version: 1.0.2
55
+ - !ruby/object:Gem::Dependency
56
+ name: nokogiri
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '1.6'
62
+ - - ">="
63
+ - !ruby/object:Gem::Version
64
+ version: 1.6.2
65
+ type: :runtime
66
+ prerelease: false
67
+ version_requirements: !ruby/object:Gem::Requirement
68
+ requirements:
69
+ - - "~>"
70
+ - !ruby/object:Gem::Version
71
+ version: '1.6'
72
+ - - ">="
73
+ - !ruby/object:Gem::Version
74
+ version: 1.6.2
55
75
  description: This gem provides a Ruby API to the Nexpose vulnerability management
56
76
  product by Rapid7.
57
77
  email: