RubyGems - nexpose - Versions diffs - 0.9.8 → 1.0.0 - Mend

nexpose 0.9.8 → 1.0.0

Files changed (24) hide show

checksums.yaml +4 -4
data/Gemfile.lock +1 -1
data/lib/nexpose.rb +8 -4
data/lib/nexpose/ajax.rb +29 -4
data/lib/nexpose/alert.rb +160 -177
data/lib/nexpose/api.rb +18 -0
data/lib/nexpose/common.rb +144 -10
data/lib/nexpose/credential.rb +185 -1
data/lib/nexpose/discovery.rb +141 -16
data/lib/nexpose/discovery/filter.rb +26 -3
data/lib/nexpose/engine.rb +16 -0
data/lib/nexpose/json_serializer.rb +92 -0
data/lib/nexpose/scan.rb +131 -23
data/lib/nexpose/scan_template.rb +1 -1
data/lib/nexpose/shared_secret.rb +31 -0
data/lib/nexpose/site.rb +339 -317
data/lib/nexpose/site_credentials.rb +178 -0
data/lib/nexpose/tag.rb +42 -1
data/lib/nexpose/util.rb +11 -16
data/lib/nexpose/version.rb +1 -1
data/lib/nexpose/wait.rb +103 -0
data/lib/nexpose/web_credentials.rb +252 -0
metadata +18 -8
data/lib/nexpose/site_credential.rb +0 -323

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6c5d157c20856a164ee2982bbf4d66895bbf2338
-  data.tar.gz: 8ec9a5560d29c9e19449b19e2a93a307877d5fcd
+  metadata.gz: 0443897c1940a9c3099ecc230589e7925fca9697
+  data.tar.gz: e31a6036c4170c0fa796b961973601bc9d5db6bb
 SHA512:
-  metadata.gz: 7ecf67806e6577ccf7072261a27fb2cfec3f5b3b9e7aae24fad579900309c3cf73869437adaca9fccda5038f75226a50286bbc9a001a4c2dfb7d7db1ebb1ea3a
-  data.tar.gz: b112151d6331a44c6dfe4767e365944e07fd6d10386a22be7fe0e6ed68af75058f51e193aef38e3249dca4ed32e05f3a97523ce34120e72ff56cd0b6a8757510
+  metadata.gz: e9b887b9f2564478be53d7b45271d1035fef4f51d19e87f5a729ce0423d1571eb0c9e145f3eba7726992a936596e7db5f6f8b2fbe174f98444ab32ef44f77566
+  data.tar.gz: 636f2e44bb5b141a5d3d670b4f8290009af0e1f1dc5d2aeea6b1e2c77687f99d6483f6d063fbd696e1f558ac679dc58915dd896103cc7baa8786ddba5793b3c7

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    nexpose (0.9.8)
+    nexpose (1.0.0)
       rex (~> 2.0, >= 2.0.8)
 GEM

data/lib/nexpose.rb CHANGED Viewed

@@ -57,25 +57,27 @@ require 'rex/mime'
 require 'ipaddr'
 require 'json'
 require 'cgi'
+require 'nexpose/api'
+require 'nexpose/json_serializer'
 require 'nexpose/error'
 require 'nexpose/util'
 require 'nexpose/alert'
 require 'nexpose/ajax'
-require 'nexpose/api'
 require 'nexpose/api_request'
 require 'nexpose/asset'
 require 'nexpose/common'
 require 'nexpose/console'
 require 'nexpose/credential'
-require 'nexpose/site_credential'
+require 'nexpose/site_credentials'
 require 'nexpose/shared_credential'
+require 'nexpose/web_credentials'
 require 'nexpose/data_table'
 require 'nexpose/device'
-require 'nexpose/discovery'
-require 'nexpose/discovery/filter'
 require 'nexpose/engine'
 require 'nexpose/external'
 require 'nexpose/filter'
+require 'nexpose/discovery'
+require 'nexpose/discovery/filter'
 require 'nexpose/global_settings'
 require 'nexpose/group'
 require 'nexpose/dag'
@@ -87,6 +89,7 @@ require 'nexpose/report_template'
 require 'nexpose/role'
 require 'nexpose/scan'
 require 'nexpose/scan_template'
+require 'nexpose/shared_secret'
 require 'nexpose/silo'
 require 'nexpose/silo_profile'
 require 'nexpose/site'
@@ -100,6 +103,7 @@ require 'nexpose/vuln_exception'
 require 'nexpose/connection'
 require 'nexpose/maint'
 require 'nexpose/version'
+require 'nexpose/wait'
 module Nexpose

data/lib/nexpose/ajax.rb CHANGED Viewed

@@ -8,6 +8,9 @@ module Nexpose
   module AJAX
     module_function
+    API_PATTERN = %r{/api/(?<version>[\d\.]+)}
+    private_constant :API_PATTERN
     # Content type strings acceptect by Nexpose.
     #
     module CONTENT_TYPE
@@ -157,15 +160,37 @@ module Nexpose
         if response.header['location'] =~ /login/
           raise Nexpose::AuthenticationFailed.new(response)
         else
-          req_type = request.class.name.split('::').last.upcase
-          raise Nexpose::APIError.new(response, "#{req_type} request to #{request.path} failed. #{request.body}", response.code)
+          raise get_api_error(request, response)
         end
       else
-        req_type = request.class.name.split('::').last.upcase
-        raise Nexpose::APIError.new(response, "#{req_type} request to #{request.path} failed. #{request.body}", response.code)
+        raise get_api_error(request, response)
       end
     end
+    def get_api_error(request, response)
+      req_type = request.class.name.split('::').last.upcase
+      error_message = get_error_message(request, response)
+      Nexpose::APIError.new(response, "#{req_type} request to #{request.path} failed. #{error_message}", response.code)
+    end
+    # Get the version of the api target by request
+    #
+    # @param [HTTPRequest] request
+    def get_request_api_version(request)
+      matches = request.path.match(API_PATTERN)
+      matches[:version].to_f
+      rescue
+        0.0
+    end
+    # Get an error message from the response body if the request url api version
+    # is 2.1 or greater otherwise use the request body
+    def get_error_message(request, response)
+      version = get_request_api_version(request)
+      (version >= 2.1 && response.body) ? "response body: #{response.body}" : "request body: #{request.body}"
+    end
     # Execute a block of code while presenving the preferences for any
     # underlying table being accessed. Use this method when accessing data
     # tables which are present in the UI to prevent existing row preferences

data/lib/nexpose/alert.rb CHANGED Viewed

@@ -1,107 +1,29 @@
 module Nexpose
-  # Alert parent object.
-  # The three alert types should be wrapped in this object to store data.
-  #
-  class Alert
-    # Name for this alert.
-    attr_accessor :name
-    # Whether or not this alert is currently active.
-    attr_accessor :enabled
-    # Send at most this many alerts per scan.
-    attr_accessor :max_alerts
-    # Send alerts based upon scan status.
-    attr_accessor :scan_filter
-    # Send alerts based upon vulnerability finding status.
-    attr_accessor :vuln_filter
-    # Alert type and its configuration. One of SMTPAlert, SyslogAlert, SNMPAlert
-    attr_accessor :type
-    def initialize(name, enabled = 1, max_alerts = -1)
-      @name, @enabled, @max_alerts = name, enabled, max_alerts
-    end
-    def as_xml
-      xml = REXML::Element.new('Alert')
-      xml.attributes['name'] = @name
-      xml.attributes['enabled'] = @enabled
-      xml.attributes['maxAlerts'] = @max_alerts
-      xml.add_element(scan_filter.as_xml)
-      xml.add_element(vuln_filter.as_xml)
-      xml.add_element(type.as_xml)
-      xml
-    end
-    def to_xml
-      as_xml.to_s
-    end
-    # Parse a response from a Nexpose console into a valid Alert object.
-    #
-    # @param [REXML::Document] rexml XML document to parse.
-    # @return [Alert] Alert object represented by the XML.
-    #
-    def self.parse(rexml)
-      name = rexml.attributes['name']
-      rexml.elements.each("//Alert[@name='#{name}']") do |xml|
-        alert = new(name,
-                    xml.attributes['enabled'].to_i,
-                    xml.attributes['maxAlerts'].to_i)
-        alert.scan_filter = ScanFilter.parse(REXML::XPath.first(xml, "//Alert[@name='#{name}']/scanFilter"))
-        alert.vuln_filter = VulnFilter.parse(REXML::XPath.first(xml, "//Alert[@name='#{name}']/vulnFilter"))
-        if (type = REXML::XPath.first(xml, "//Alert[@name='#{name}']/smtpAlert"))
-          alert.type = SMTPAlert.parse(type)
-        elsif (type = REXML::XPath.first(xml, "//Alert[@name='#{name}']/syslogAlert"))
-          alert.type = SyslogAlert.parse(type)
-        elsif (type = REXML::XPath.first(xml, "//Alert[@name='#{name}']/snmpAlert"))
-          alert.type = SNMPAlert.parse(type)
-        end
-        return alert
-      end
-      nil
-    end
-  end
   # Scan filter for alerting.
   # Set values to 1 to enable and 0 to disable.
-  #
   class ScanFilter
+    include JsonSerializer
     # Scan events to alert on.
     attr_accessor :start, :stop, :fail, :resume, :pause
     def initialize(start = 0, stop = 0, fail = 0, resume = 0, pause = 0)
-      @start, @stop, @fail, @resume, @pause = start, stop, fail, resume, pause
-    end
-    def as_xml
-      xml = REXML::Element.new('scanFilter')
-      xml.attributes['scanStart'] = @start
-      xml.attributes['scanStop'] = @stop
-      xml.attributes['scanFailed'] = @fail
-      xml.attributes['scanResumed'] = @resume
-      xml.attributes['scanPaused'] = @pause
-      xml
-    end
-    def to_xml
-      as_xml.to_s
+      @start, @stop, @fail, @resume, @pause = start.to_i, stop.to_i, fail.to_i, resume.to_i, pause.to_i
     end
-    def self.parse(xml)
-      new(xml.attributes['scanStart'].to_i,
-          xml.attributes['scanStop'].to_i,
-          xml.attributes['scanFailed'].to_i,
-          xml.attributes['scanResumed'].to_i,
-          xml.attributes['scanPaused'].to_i)
+    def self.json_initializer(filter)
+      new(filter[:start] ? 1 : 0,
+          filter[:stop] ? 1 : 0,
+          filter[:failed] ? 1 : 0,
+          filter[:resume] ? 1 : 0,
+          filter[:pause] ? 1 : 0)
     end
   end
   # Vulnerability filtering for alerting.
   # Set values to 1 to enable and 0 to disable.
-  #
   class VulnFilter
+    include JsonSerializer
     # Only alert on vulnerability findings with a severity level greater than this level.
     # Range is 0 to 10.
     # Values in the UI correspond as follows:
@@ -114,138 +36,199 @@ module Nexpose
     attr_accessor :confirmed, :unconfirmed, :potential
     def initialize(severity = 1, confirmed = 1, unconfirmed = 1, potential = 1)
-      @severity, @confirmed, @unconfirmed, @potential = severity, confirmed, unconfirmed, potential
-    end
-    def as_xml
-      xml = REXML::Element.new('vulnFilter')
-      xml.attributes['severityThreshold'] = @severity
-      xml.attributes['confirmed'] = @confirmed
-      xml.attributes['unconfirmed'] = @unconfirmed
-      xml.attributes['potential'] = @potential
-      xml
-    end
-    def to_xml
-      as_xml.to_s
+      @severity, @confirmed = severity.to_i, confirmed.to_i
+      @unconfirmed, @potential = unconfirmed.to_i, potential.to_i
     end
-    def self.parse(xml)
-      new(xml.attributes['severityThreshold'].to_i,
-          xml.attributes['confirmed'].to_i,
-          xml.attributes['unconfirmed'].to_i,
-          xml.attributes['potential'].to_i)
+    def self.json_initializer(filter)
+      new(filter[:severity] ? 1 : 0,
+          filter[:unconfirmed] ? 1 : 0,
+          filter[:confirmed] ? 1 : 0,
+          filter[:potential] ? 1 : 0)
     end
   end
-  # Syslog Alert
-  # This class should only exist as an element of an Alert.
-  #
-  class SyslogAlert
+  # Alert base behavior.
+  # The supported three alert types should have these properties and behaviors
+  module Alert
+    include JsonSerializer
+    extend TypedAccessor
-    # The server to sent this alert to.
+    # ID for this alert.
+    attr_accessor :id
+    # Name for this alert.
+    attr_accessor :name
+    # Whether or not this alert is currently active.
+    attr_accessor :enabled
+    # Send at most this many alerts per scan.
+    attr_accessor :max_alerts
+    # Alert type and its configuration. One of SMTPAlert, SyslogAlert, SNMPAlert
+    attr_accessor :alert_type
+    # Server target the alerts
     attr_accessor :server
+    # Server port
+    attr_accessor :server_port
-    def initialize(server)
-      @server = server
-    end
+    # Send alerts based upon scan status.
+    typed_accessor :scan_filter, ScanFilter
+    # Send alerts based upon vulnerability finding status.
+    typed_accessor :vuln_filter, VulnFilter
-    def self.parse(xml)
-      new(xml.attributes['server'])
+    # load a particular site alert
+    def self.load(nsc, site_id, alert_id)
+      uri = "/api/2.1/site_configurations/#{site_id}/alerts/#{alert_id}"
+      resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
+      unless resp.to_s == ''
+        data = JSON.parse(resp, symbolize_names: true)
+        json_initializer(data).deserialize(data)
+      end
     end
-    def as_xml
-      xml = REXML::Element.new('syslogAlert')
-      xml.attributes['server'] = @server
-      xml
+    # load alerts from an array of hashes
+    def self.load_alerts(alerts)
+      alerts.map { |hash| json_initializer(hash).deserialize(hash) }
     end
-    def to_xml
-      as_xml.to_s
+    # load a list of alerts for a given site
+    def self.list_alerts(nsc, site_id)
+      uri = "/api/2.1/site_configurations/#{site_id}/alerts"
+      resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
+      data = JSON.parse(resp, symbolize_names: true)
+      load_alerts(data) unless data.nil?
     end
-  end
-  # SNMP Alert
-  # This class should only exist as an element of an Alert.
-  #
-  class SNMPAlert
+    def self.json_initializer(hash)
+      create(hash)
+    end
-    # The community string
-    attr_accessor :community
+    def to_h
+      to_hash(Hash.new)
+    end
-    # The server to sent this alert
-    attr_accessor :server
+    def to_json
+      serialize
+    end
-    def initialize(community, server)
-      @community = community
-      @server = server
+    # delete an alert from the given site
+    def delete(nsc, site_id)
+      uri = "/api/2.1/site_configurations/#{site_id}/alerts/#{id}"
+      AJAX.delete(nsc, uri, AJAX::CONTENT_TYPE::JSON)
     end
-    def self.parse(xml)
-      new(xml.attributes['community'], xml.attributes['server'])
+    # save an alert for a given site
+    def save(nsc, site_id)
+      validate
+      uri = "/api/2.1/site_configurations/#{site_id}/alerts"
+      id = AJAX.put(nsc, uri, self.to_json, AJAX::CONTENT_TYPE::JSON)
+      @id = id.to_i
     end
-    def as_xml
-      xml = REXML::Element.new('snmpAlert')
-      xml.attributes['community'] = @community
-      xml.attributes['server'] = @server
-      xml
+    def validate
+      raise ArgumentError.new('Name is a required attribute.') unless @name
+      raise ArgumentError.new('Scan filter is a required attribute.') unless @scan_filter
+      raise ArgumentError.new('Vuln filter is a required attribute.') unless @vuln_filter
     end
-    def to_xml
-      as_xml.to_s
+    private
+    def self.create(hash)
+      alert_type = hash[:alert_type]
+      raise 'An alert must have an alert type' if alert_type.nil?
+      raise 'Alert name cannot be empty.' if !hash.has_key?(:name) || hash[:name].to_s == ''
+      raise 'SNMP and Syslog alerts must have a server defined' if ['SNMP', 'Syslog'].include?(alert_type) && hash[:server].to_s == ''
+      case alert_type
+      when 'SMTP'
+        alert = SMTPAlert.new(hash[:name],
+                              hash[:sender],
+                              hash[:server],
+                              hash[:recipients],
+                              hash[:enabled],
+                              hash[:max_alerts],
+                              hash[:verbose])
+      when 'SNMP'
+        alert = SNMPAlert.new(hash[:name],
+                              hash[:community],
+                              hash[:server],
+                              hash[:enabled],
+                              hash[:max_alerts])
+      when 'Syslog'
+        alert = SyslogAlert.new(hash[:name],
+                                hash[:server],
+                                hash[:enabled],
+                                hash[:max_alerts])
+      else
+        fail "Unknown alert type: #{alert_type}"
+      end
+      alert.scan_filter = ScanFilter.new
+      alert.vuln_filter = VulnFilter.new
+      alert
     end
   end
   # SMTP (e-mail) Alert
-  # This class should only exist as an element of an Alert.
-  #
   class SMTPAlert
+    include Alert
+    attr_accessor :recipients, :sender, :verbose
-    # The e-mail address of the sender.
-    attr_accessor :sender
-    # The server to sent this alert.
-    attr_accessor :server
-    # Limit the text for mobile devices.
-    attr_accessor :limit_text
-    # Array of strings with the e-mail addresses of the intended recipients.
-    attr_accessor :recipients
+    def initialize(name, sender, server, recipients, enabled = 1, max_alerts = -1, verbose = 0)
+      unless recipients.is_a?(Array) && recipients.length > 0
+        raise 'An SMTP alert must contain an array of recipient emails with at least 1 recipient'
+      end
+      recipients.each do |recipient|
+        unless recipient =~ /^.+@.+\..+$/
+          raise "Recipients must contain valid emails, #{recipient} has an invalid format"
+        end
+      end
-    def initialize(sender, server, limit_text = 0)
+      @alert_type = 'SMTP'
+      @name = name
+      @enabled = enabled
+      @max_alerts = max_alerts
       @sender = sender
       @server = server
-      @limit_text = limit_text
-      @recipients = []
+      @verbose = verbose
+      @recipients = recipients.nil? ? [] : recipients
     end
-    # Adds a new recipient to the alert.
-    def add_recipient(recipient)
+    def add_email_recipient(recipient)
       @recipients << recipient
     end
-    def as_xml
-      xml = REXML::Element.new('smtpAlert')
-      xml.attributes['sender'] = @sender
-      xml.attributes['server'] = @server
-      xml.attributes['limitText'] = @limit_text
-      recipients.each do |recpt|
-        elem = REXML::Element.new('recipient')
-        elem.text = recpt
-        xml.add_element(elem)
-      end
-      xml
+    def remove_email_recipient(recipient)
+      @recipients.delete(recipient)
     end
+  end
+  # SNMP Alert
+  class SNMPAlert
+    include Alert
+    attr_accessor :community
+    def initialize(name, community, server, enabled = 1, max_alerts = -1)
+      raise 'SNMP alerts must have a community defined.' if community.nil?
-    def to_xml
-      as_xml.to_s
+      @alert_type = 'SNMP'
+      @name = name
+      @enabled = enabled
+      @max_alerts = max_alerts
+      @community = community
+      @server = server
     end
+  end
-    def self.parse(xml)
-      alert = new(xml.attributes['sender'], xml.attributes['server'], xml.attributes['limitText'].to_i)
-      xml.elements.each("//recipient") do |recipient|
-        alert.recipients << recipient.text
-      end
-      alert
+  # Syslog Alert
+  class SyslogAlert
+    include Alert
+    def initialize(name, server, enabled = 1, max_alerts = -1)
+      @alert_type = 'Syslog'
+      @name = name
+      @enabled = enabled
+      @max_alerts = max_alerts
+      @server = server
     end
   end
 end