nexpose 0.8.1 → 0.8.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: dad58d40aec93d09eac8e17c8a33d62681029ac8
4
- data.tar.gz: a7c12f0b5569a78bdbec3913ffb1899e60a48cc6
3
+ metadata.gz: 76877d89513e91bd92e4d7bc09ab16be5afe194d
4
+ data.tar.gz: a7549665718107444363121e17a38437b9113909
5
5
  SHA512:
6
- metadata.gz: 8a52b22b5d5fb956240aede68ee4b5bdb65c8fb6dbae5aa566e4983d57bccdce41b7e27b56c36d6edaa6138f0befc6a9b4b6455f69e14be6d91b58f0665217a4
7
- data.tar.gz: 984fb2416a427610052639cbe1f0590882a6abaef35bb6613b672a7a7b049ed33fe8826fec90cf515c1683040e26aefa2bece67a54ea211fc8275b7ce745453a
6
+ metadata.gz: 3888ad225335ef937c16697b12bc5d496cd6f7aff2f98a73461bfea2cf1932ee390532650bf40dd215198b16157a2f6e48164c5ac695ec95c703ada1959f9714
7
+ data.tar.gz: 3bfb038b351745655d45c19b7700d116ff9ca4f0c05624c581e121ba0af52baced607e225dd1dae3b4386bd549240a771d25798144a0a501772511c63775b2bd
data/lib/nexpose/creds.rb CHANGED
@@ -32,9 +32,9 @@ module Nexpose
32
32
 
33
33
  # Security blob for an existing set of credentials
34
34
  attr_accessor :blob
35
- # The service for these credentials. Can be All.
35
+ # The service for these credentials.
36
36
  attr_accessor :service
37
- # The host for these credentials. Can be Any.
37
+ # The host for these credentials.
38
38
  attr_accessor :host
39
39
  # The port on which to use these credentials.
40
40
  attr_accessor :port
@@ -60,7 +60,7 @@ module Nexpose
60
60
  attr_accessor :auth_type
61
61
  # The privacy/encryption type to use with SNMP v3 credentials
62
62
  attr_accessor :privacy_type
63
- # The privacy/encryption passphrase to use with SNMP v3 credentials
63
+ # The privacy/encryption pass phrase to use with SNMP v3 credentials
64
64
  attr_accessor :privacy_password
65
65
 
66
66
  def self.for_service(service, user, password, realm = nil, host = nil, port = nil)
@@ -231,7 +231,7 @@ module Nexpose
231
231
  attr_reader :soft403
232
232
  # Base URL of the application for which the form authentication applies.
233
233
  attr_reader :webapproot
234
- # When using httpheaders, this represents the set of headers to pass with the authentication request.
234
+ # When using HTTP headers, this represents the set of headers to pass with the authentication request.
235
235
  attr_reader :headers
236
236
 
237
237
  def initialize(webapproot, soft403)
@@ -259,7 +259,7 @@ module Nexpose
259
259
 
260
260
  end
261
261
 
262
- # When using htmlform, this represents the login form information.
262
+ # When using HTML form, this represents the login form information.
263
263
  #
264
264
  class Field
265
265
  include XMLUtils
@@ -299,7 +299,7 @@ module Nexpose
299
299
  alias_method :to_xml_elem, :as_xml
300
300
  end
301
301
 
302
- # When using htmlform, this represents the login form information.
302
+ # When using HTML form, this represents the login form information.
303
303
  #
304
304
  class HTMLForm
305
305
  include XMLUtils
@@ -344,7 +344,7 @@ module Nexpose
344
344
  alias_method :to_xml_elem, :as_xml
345
345
  end
346
346
 
347
- # When using htmlform, this represents the login form information.
347
+ # When using HTML form, this represents the login form information.
348
348
  #
349
349
  class HTMLForms
350
350
  include XMLUtils
@@ -386,7 +386,7 @@ module Nexpose
386
386
  alias_method :to_xml_elem, :as_xml
387
387
  end
388
388
 
389
- # When using ssh-key, this represents the PEM-format keypair information.
389
+ # When using ssh-key, this represents the PEM-format key-pair information.
390
390
  class PEMKey
391
391
  # TODO
392
392
  end
@@ -47,7 +47,8 @@ module Nexpose
47
47
  engine.attributes['name'],
48
48
  engine.attributes['address'],
49
49
  engine.attributes['port'].to_i,
50
- engine.attributes['status'])
50
+ engine.attributes['status'],
51
+ engine.attributes['scope'])
51
52
  end
52
53
  end
53
54
  arr
data/lib/nexpose/group.rb CHANGED
@@ -47,7 +47,7 @@ module Nexpose
47
47
  attr_reader :id, :name, :description, :risk_score, :dynamic
48
48
 
49
49
  def initialize(id, name, desc, risk, dynamic)
50
- @id, @name, @description, @risk_score, @dyanmic = id, name, desc, risk, dynamic
50
+ @id, @name, @description, @risk_score, @dynamic = id, name, desc, risk, dynamic
51
51
  end
52
52
 
53
53
  def dynamic?
@@ -89,6 +89,34 @@ module Nexpose
89
89
  @id = res.attributes['group-id'].to_i if res.success and @id < 1
90
90
  end
91
91
 
92
+ # Generate an XML representation of this group configuration
93
+ #
94
+ # @return [String] XML valid for submission as part of other requests.
95
+ #
96
+ def as_xml
97
+ xml = REXML::Element.new('AssetGroup')
98
+ xml.attributes['id'] = @id
99
+ xml.attributes['name'] = @name
100
+ xml.attributes['description'] = @description
101
+
102
+ if @description && !@description.empty?
103
+ elem = REXML::Element.new('Description')
104
+ elem.add_text(@description)
105
+ xml.add_element(elem)
106
+ end
107
+
108
+ elem = REXML::Element.new('Devices')
109
+ @assets.each { |a| elem.add_element('device', {'id' => a.id}) }
110
+ xml.add_element(elem)
111
+
112
+ unless tags.empty?
113
+ tag_xml = xml.add_element(REXML::Element.new('Tags'))
114
+ @tags.each { |tag| tag_xml.add_element(tag.as_xml) }
115
+ end
116
+
117
+ xml
118
+ end
119
+
92
120
  # Get an XML representation of the group that is valid for a save request.
93
121
  # Note that only name, description, and asset ID information is accepted
94
122
  # by a save request.
@@ -96,20 +124,7 @@ module Nexpose
96
124
  # @return [String] XML representation of the asset group.
97
125
  #
98
126
  def to_xml
99
- xml = %(<AssetGroup id="#{@id}" name="#{replace_entities(@name)}")
100
- xml << %( description="#{replace_entities(@description)}") if @description
101
- xml << '>'
102
- xml << '<Devices>'
103
- @assets.each do |asset|
104
- xml << %(<device id="#{asset.id}"/>)
105
- end
106
- xml << '</Devices>'
107
- xml << '<Tags>'
108
- @tags.each do |tag|
109
- xml << tag.as_xml.to_s
110
- end
111
- xml << '</Tags>'
112
- xml << '</AssetGroup>'
127
+ as_xml.to_s
113
128
  end
114
129
 
115
130
  # Launch ad hoc scans against each group of assets per site.
@@ -149,6 +164,11 @@ module Nexpose
149
164
  group.attributes['description'],
150
165
  group.attributes['id'].to_i,
151
166
  group.attributes['riskscore'].to_f)
167
+
168
+ group.elements.each('Description') do |desc|
169
+ asset_group.description = desc.text
170
+ end
171
+
152
172
  group.elements.each('Devices/device') do |dev|
153
173
  asset_group.assets << Device.new(dev.attributes['id'].to_i,
154
174
  dev.attributes['address'],
@@ -50,8 +50,6 @@ module Nexpose
50
50
  cred.privilege_username = json['privilegeElevationUsername']
51
51
  cred.all_sites = json['scope'] == 'ALL_SITES_ENABLED_DEFAULT'
52
52
  cred.last_modified = Time.at(json['lastModified']['time'] / 1000)
53
- cred.auth_type = json['snmpv3authtype']
54
- cred.privacy_type = json['snmpv3privtype']
55
53
  cred
56
54
  end
57
55
 
@@ -81,13 +79,12 @@ module Nexpose
81
79
  attr_accessor :privilege_password
82
80
  # Permission elevation type. See Nexpose::Credential::ElevationType.
83
81
  attr_accessor :privilege_type
82
+ # Privacty password of SNMP v3 credential
83
+ attr_accessor :privacy_password
84
84
  # Authentication type of SNMP v3 credential
85
85
  attr_accessor :auth_type
86
86
  # Privacy type of SNMP v3 credential
87
87
  attr_accessor :privacy_type
88
- # Privacty password of SNMP v3 credential
89
- attr_accessor :privacy_password
90
-
91
88
  # IP address or host name to restrict this credential to.
92
89
  attr_accessor :host
93
90
  # Single port to restrict this credential to.
data/lib/nexpose/site.rb CHANGED
@@ -337,6 +337,12 @@ module Nexpose
337
337
  xml.attributes['riskfactor'] = @risk_factor
338
338
  xml.attributes['isDynamic'] == '1' if dynamic?
339
339
 
340
+ if @description && !@description.empty?
341
+ elem = REXML::Element.new('Description')
342
+ elem.add_text(@description)
343
+ xml.add_element(elem)
344
+ end
345
+
340
346
  unless @users.empty?
341
347
  elem = REXML::Element.new('Users')
342
348
  @users.each { |user| elem.add_element('user', { 'id' => user }) }
@@ -415,6 +421,10 @@ module Nexpose
415
421
  site.risk_factor = s.attributes['riskfactor'] || 1.0
416
422
  site.is_dynamic = true if s.attributes['isDynamic'] == '1'
417
423
 
424
+ s.elements.each('Description') do |desc|
425
+ site.description = desc.text
426
+ end
427
+
418
428
  s.elements.each('Users/user') do |user|
419
429
  site.users << user.attributes['id'].to_i
420
430
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nexpose
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.1
4
+ version: 0.8.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - HD Moore
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2014-07-03 00:00:00.000000000 Z
13
+ date: 2014-08-08 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: librex