nexpose 0.8.3 → 0.8.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/nexpose.rb +1 -1
- data/lib/nexpose/ajax.rb +1 -1
- data/lib/nexpose/scan.rb +95 -0
- data/lib/nexpose/scan_template.rb +14 -0
- data/lib/nexpose/silo_profile.rb +1 -1
- data/lib/nexpose/site.rb +1 -1
- metadata +7 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dba4421357b0475f091f72cd2fd61ced926fb6ad
|
|
4
|
+
data.tar.gz: e7d37e55dcf159045a3249932c9dfa426e8f0705
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: abdef9b08034c3fce94402180e33af5dc7c01a05c4a48bb8a8a877e21f8599a19abfc0710fea5b22a5562ae24884198ebaaa4b19849e6b7e3cdf2713bc4adf14
|
|
7
|
+
data.tar.gz: 12f470900347b5cac2927cf3138f561f110fdab1246b232dd12dd1167035fd872db9dc9fcab2d87282c9ac8e71345dda73b2f8d76c0ac3e1b618eecadf081257
|
data/lib/nexpose.rb
CHANGED
data/lib/nexpose/ajax.rb
CHANGED
|
@@ -110,7 +110,7 @@ module Nexpose
|
|
|
110
110
|
# @param [Hash] parameters Hash of attributes that need to be sent
|
|
111
111
|
# to the controller.
|
|
112
112
|
# @return [Hash] The parameterized URI.
|
|
113
|
-
|
|
113
|
+
#
|
|
114
114
|
def parameterize_uri(uri, parameters)
|
|
115
115
|
params = Hash.try_convert(parameters)
|
|
116
116
|
unless params.nil? || params.empty?
|
data/lib/nexpose/scan.rb
CHANGED
|
@@ -209,6 +209,101 @@ module Nexpose
|
|
|
209
209
|
end
|
|
210
210
|
end
|
|
211
211
|
|
|
212
|
+
# Export the data associated with a single scan, and optionally store it in
|
|
213
|
+
# a zip-compressed file under the provided name.
|
|
214
|
+
#
|
|
215
|
+
# @param [Fixnum] scan_id Scan ID to remove data for.
|
|
216
|
+
# @param [String] zip_file Filename to export scan data to.
|
|
217
|
+
# @return [Fixnum] On success, returned the number of bytes written to
|
|
218
|
+
# zip_file, if provided. Otherwise, returns raw ZIP binary data.
|
|
219
|
+
#
|
|
220
|
+
def export_scan(scan_id, zip_file = nil)
|
|
221
|
+
http = AJAX._https(self)
|
|
222
|
+
headers = { 'Cookie' => "nexposeCCSessionID=#{@session_id}",
|
|
223
|
+
'Accept-Encoding' => 'identity' }
|
|
224
|
+
resp = http.get("/data/scan/#{scan_id}/export", headers)
|
|
225
|
+
|
|
226
|
+
case resp
|
|
227
|
+
when Net::HTTPSuccess
|
|
228
|
+
if zip_file
|
|
229
|
+
File.open(zip_file, 'wb') { |file| file.write(resp.body) }
|
|
230
|
+
else
|
|
231
|
+
resp.body
|
|
232
|
+
end
|
|
233
|
+
when Net::HTTPForbidden
|
|
234
|
+
raise Nexpose::PermissionError.new(resp)
|
|
235
|
+
else
|
|
236
|
+
raise Nexpose::APIError.new(resp, "#{resp.class}: Unrecognized response.")
|
|
237
|
+
end
|
|
238
|
+
end
|
|
239
|
+
|
|
240
|
+
# Import scan data into a site. WARNING: Experimental!
|
|
241
|
+
#
|
|
242
|
+
# This code currently depends on a gem not in the gemspec. In order to use
|
|
243
|
+
# this method, you will need to add the following line to your script:
|
|
244
|
+
# require 'rest-client'
|
|
245
|
+
#
|
|
246
|
+
# This method is designed to work with export_scan to migrate scan data
|
|
247
|
+
# from one console to another. This method will import the data as if run
|
|
248
|
+
# from a local scan engine.
|
|
249
|
+
#
|
|
250
|
+
# Scan importing is restricted to only importing scans in chronological
|
|
251
|
+
# order. It assumes that it is the latest scan for a given site, and will
|
|
252
|
+
# abort if attempting to import an older scan.
|
|
253
|
+
#
|
|
254
|
+
# @param [Fixnum] site_id Site ID of the site to import the scan into.
|
|
255
|
+
# @param [String] zip_file Path to a previously exported scan archive.
|
|
256
|
+
# @return [String] An empty string on success.
|
|
257
|
+
#
|
|
258
|
+
def import_scan(site_id, zip_file)
|
|
259
|
+
|
|
260
|
+
# ## Ideally, this code should not depend upon rest-client, but should be
|
|
261
|
+
# # able to use the Rex library to generate the MIME message. I haven't
|
|
262
|
+
# # been able to figure out how, though. Leaving it here, commented out,
|
|
263
|
+
# # pending discovery of what to do.
|
|
264
|
+
|
|
265
|
+
# data = Rex::MIME::Message.new
|
|
266
|
+
# data.add_part(site_id.to_s, nil, nil, 'form-data; name="siteid"')
|
|
267
|
+
# data.add_part(self.session_id, nil, nil, 'form-data; name="nexposeCCSessionID"')
|
|
268
|
+
|
|
269
|
+
# scan = File.new(zip_file, 'rb')
|
|
270
|
+
# data.add_part(scan.read, 'application/zip', nil,
|
|
271
|
+
# "form-data; name=\"scan\"; filename=\"#{zip_file}\"")
|
|
272
|
+
|
|
273
|
+
# post = Net::HTTP::Post.new('/data/scan/import')
|
|
274
|
+
# ## rex 2.0.3 has a bug that requires this monkey-patch for Message#to_s
|
|
275
|
+
# # class String
|
|
276
|
+
# # def blank?
|
|
277
|
+
# # self !~ /\S/
|
|
278
|
+
# # end
|
|
279
|
+
# # end
|
|
280
|
+
# post.body = data.to_s
|
|
281
|
+
# post.set_content_type("multipart/form-data; boundary=#{data.bound}")
|
|
282
|
+
# AJAX._headers(nsc, post)
|
|
283
|
+
|
|
284
|
+
# http = AJAX._https(nsc)
|
|
285
|
+
# http.request(post)
|
|
286
|
+
|
|
287
|
+
scan = File.new(zip_file, 'rb')
|
|
288
|
+
url = "https://#{self.host}:#{self.port}/data/scan/import"
|
|
289
|
+
payload = { :siteid => site_id,
|
|
290
|
+
:scan => scan,
|
|
291
|
+
'nexposeCCSessionID' => self.session_id }
|
|
292
|
+
request = RestClient::Request.new(:method => :post,
|
|
293
|
+
:url => url,
|
|
294
|
+
:verify_ssl => OpenSSL::SSL::VERIFY_NONE,
|
|
295
|
+
:payload => payload,
|
|
296
|
+
:cookies => { 'nexposeCCSessionID' => self.session_id })
|
|
297
|
+
|
|
298
|
+
begin
|
|
299
|
+
request.execute
|
|
300
|
+
rescue RestClient::Forbidden => fourOhThree
|
|
301
|
+
raise Nexpose::PermissionError.new(fourOhThree)
|
|
302
|
+
rescue RestClient::InternalServerError => e
|
|
303
|
+
raise Nexpose::APIError.new(request, e)
|
|
304
|
+
end
|
|
305
|
+
end
|
|
306
|
+
|
|
212
307
|
# Delete a scan and all its data from a console.
|
|
213
308
|
# Warning, this method is destructive and not guaranteed to leave a site
|
|
214
309
|
# in a valid state. DBCC may need to be run to correct missing or empty
|
|
@@ -146,6 +146,20 @@ module Nexpose
|
|
|
146
146
|
gen.attributes['disableWebSpider'] = enable ? '0' : '1'
|
|
147
147
|
end
|
|
148
148
|
|
|
149
|
+
# Adjust the number of threads to use per scan engine for this template
|
|
150
|
+
# @param [Integer] threads the number of threads to use per engine
|
|
151
|
+
def scan_threads=(threads)
|
|
152
|
+
scan_threads = REXML::XPath.first(@xml, 'ScanTemplate/General/scanThreads')
|
|
153
|
+
scan_threads.text = threads.to_s
|
|
154
|
+
end
|
|
155
|
+
|
|
156
|
+
# Adjust the number of threads to use per asset for this template
|
|
157
|
+
# @param [Integer] threads the number of threads to use per asset
|
|
158
|
+
def host_threads=(threads)
|
|
159
|
+
host_threads = REXML::XPath.first(@xml, 'ScanTemplate/General/hostThreads')
|
|
160
|
+
host_threads.text = threads.to_s
|
|
161
|
+
end
|
|
162
|
+
|
|
149
163
|
# Add custom TCP ports to scan for services
|
|
150
164
|
# @param [Array] ports to scan
|
|
151
165
|
def tcp_service_ports=(ports)
|
data/lib/nexpose/silo_profile.rb
CHANGED
|
@@ -159,7 +159,7 @@ module Nexpose
|
|
|
159
159
|
|
|
160
160
|
unless @global_scan_engines.empty?
|
|
161
161
|
engines = xml.add_element('GlobalScanEngines')
|
|
162
|
-
@
|
|
162
|
+
@global_scan_engines.each do |engine|
|
|
163
163
|
engines.add_element('GlobalScanEngine', {'name' => engine})
|
|
164
164
|
end
|
|
165
165
|
end
|
data/lib/nexpose/site.rb
CHANGED
|
@@ -414,7 +414,7 @@ module Nexpose
|
|
|
414
414
|
# ## TODO What is returned on failure?
|
|
415
415
|
#
|
|
416
416
|
def self.parse(rexml)
|
|
417
|
-
rexml.elements.each('
|
|
417
|
+
rexml.elements.each('//Site') do |s|
|
|
418
418
|
site = Site.new(s.attributes['name'])
|
|
419
419
|
site.id = s.attributes['id'].to_i
|
|
420
420
|
site.description = s.attributes['description']
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nexpose
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.8.
|
|
4
|
+
version: 0.8.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- HD Moore
|
|
@@ -11,28 +11,28 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2014-
|
|
14
|
+
date: 2014-10-01 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
|
-
name:
|
|
17
|
+
name: rex
|
|
18
18
|
requirement: !ruby/object:Gem::Requirement
|
|
19
19
|
requirements:
|
|
20
20
|
- - "~>"
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
|
-
version:
|
|
22
|
+
version: 2.0.3
|
|
23
23
|
- - ">="
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version:
|
|
25
|
+
version: 2.0.3
|
|
26
26
|
type: :runtime
|
|
27
27
|
prerelease: false
|
|
28
28
|
version_requirements: !ruby/object:Gem::Requirement
|
|
29
29
|
requirements:
|
|
30
30
|
- - "~>"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
|
-
version:
|
|
32
|
+
version: 2.0.3
|
|
33
33
|
- - ">="
|
|
34
34
|
- !ruby/object:Gem::Version
|
|
35
|
-
version:
|
|
35
|
+
version: 2.0.3
|
|
36
36
|
- !ruby/object:Gem::Dependency
|
|
37
37
|
name: nokogiri
|
|
38
38
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -131,4 +131,3 @@ signing_key:
|
|
|
131
131
|
specification_version: 4
|
|
132
132
|
summary: Ruby API for Rapid7 Nexpose
|
|
133
133
|
test_files: []
|
|
134
|
-
has_rdoc:
|