nexpose 0.9.8 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nexpose
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.9.8
4
+ version: 1.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - HD Moore
@@ -13,22 +13,28 @@ authors:
13
13
  autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
- date: 2015-03-17 00:00:00.000000000 Z
16
+ date: 2015-04-08 00:00:00.000000000 Z
17
17
  dependencies:
18
18
  - !ruby/object:Gem::Dependency
19
19
  name: rex
20
20
  requirement: !ruby/object:Gem::Requirement
21
21
  requirements:
22
- - - '='
22
+ - - "~>"
23
+ - !ruby/object:Gem::Version
24
+ version: '2.0'
25
+ - - ">="
23
26
  - !ruby/object:Gem::Version
24
- version: 2.0.7
27
+ version: 2.0.8
25
28
  type: :runtime
26
29
  prerelease: false
27
30
  version_requirements: !ruby/object:Gem::Requirement
28
31
  requirements:
29
- - - '='
32
+ - - "~>"
33
+ - !ruby/object:Gem::Version
34
+ version: '2.0'
35
+ - - ">="
30
36
  - !ruby/object:Gem::Version
31
- version: 2.0.7
37
+ version: 2.0.8
32
38
  - !ruby/object:Gem::Dependency
33
39
  name: bundler
34
40
  requirement: !ruby/object:Gem::Requirement
@@ -169,6 +175,7 @@ files:
169
175
  - lib/nexpose/filter.rb
170
176
  - lib/nexpose/global_settings.rb
171
177
  - lib/nexpose/group.rb
178
+ - lib/nexpose/json_serializer.rb
172
179
  - lib/nexpose/maint.rb
173
180
  - lib/nexpose/manage.rb
174
181
  - lib/nexpose/multi_tenant_user.rb
@@ -179,10 +186,11 @@ files:
179
186
  - lib/nexpose/scan.rb
180
187
  - lib/nexpose/scan_template.rb
181
188
  - lib/nexpose/shared_credential.rb
189
+ - lib/nexpose/shared_secret.rb
182
190
  - lib/nexpose/silo.rb
183
191
  - lib/nexpose/silo_profile.rb
184
192
  - lib/nexpose/site.rb
185
- - lib/nexpose/site_credential.rb
193
+ - lib/nexpose/site_credentials.rb
186
194
  - lib/nexpose/tag.rb
187
195
  - lib/nexpose/tag/criteria.rb
188
196
  - lib/nexpose/ticket.rb
@@ -192,6 +200,8 @@ files:
192
200
  - lib/nexpose/vuln.rb
193
201
  - lib/nexpose/vuln_def.rb
194
202
  - lib/nexpose/vuln_exception.rb
203
+ - lib/nexpose/wait.rb
204
+ - lib/nexpose/web_credentials.rb
195
205
  homepage: https://github.com/rapid7/nexpose-client
196
206
  licenses:
197
207
  - BSD
@@ -204,7 +214,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
204
214
  requirements:
205
215
  - - ">="
206
216
  - !ruby/object:Gem::Version
207
- version: '1.9'
217
+ version: '2.1'
208
218
  required_rubygems_version: !ruby/object:Gem::Requirement
209
219
  requirements:
210
220
  - - ">="
@@ -1,323 +0,0 @@
1
- module Nexpose
2
-
3
- # Object that represents administrative credentials to be used
4
- # during a scan. When retrieved from an existing site configuration
5
- # the credentials will be returned as a security blob and can only
6
- # be passed back as is during a Site Save operation. This object
7
- # can only be used to create a new set of credentials.
8
- #
9
- class SiteCredential < Credential
10
- include XMLUtils
11
-
12
-
13
- # Security blob for an existing set of credentials
14
- attr_accessor :blob
15
- # The service for these credentials.
16
- attr_accessor :service
17
- # The host for these credentials.
18
- attr_accessor :host
19
- # The port on which to use these credentials.
20
- attr_accessor :port
21
- # The password
22
- attr_accessor :password
23
- # The realm for these credentials
24
- attr_accessor :realm
25
- # When using httpheaders, this represents the set of headers to pass
26
- # with the authentication request.
27
- attr_accessor :headers
28
- # When using htmlforms, this represents the tho form to pass the
29
- # authentication request to.
30
- attr_accessor :html_forms
31
- # The type of privilege escalation to use (sudo/su)
32
- attr_accessor :priv_type
33
- # The userid to use when escalating privileges (optional)
34
- attr_accessor :priv_username
35
- # The password to use when escalating privileges (optional)
36
- attr_accessor :priv_password
37
- # The authentication type to use with SNMP v3 credentials
38
- attr_accessor :auth_type
39
- # The privacy/encryption type to use with SNMP v3 credentials
40
- attr_accessor :privacy_type
41
- # The privacy/encryption pass phrase to use with SNMP v3 credentials
42
- attr_accessor :privacy_password
43
-
44
- # Permission elevation type. See Nexpose::Credential::ElevationType.
45
- attr_accessor :privilege_type
46
- # The User ID or Username
47
- attr_accessor :username
48
- alias :userid :username
49
- alias :userid= :username=
50
-
51
-
52
- def self.for_service(service, user, password, realm = nil, host = nil, port = nil)
53
- cred = new
54
- cred.service = service
55
- cred.username = user
56
- cred.password = password
57
- cred.realm = realm
58
- cred.host = host
59
- cred.port = port
60
- cred
61
- end
62
-
63
- # Sets privilege escalation credentials. Type should be either sudo/su.
64
- def add_privilege_credentials(type, username, password)
65
- @priv_type = type
66
- @priv_username = username
67
- @priv_password = password
68
- end
69
-
70
- def add_snmpv3_credentials(auth_type, privacy_type, privacy_password)
71
- @auth_type = auth_type
72
- @privacy_type = privacy_type
73
- @privacy_password = privacy_password
74
- end
75
-
76
- def self.parse(xml)
77
- cred = new
78
- cred.service = xml.attributes['service']
79
- cred.host = xml.attributes['host']
80
- cred.port = xml.attributes['port']
81
- cred.blob = xml.get_text
82
- cred
83
- end
84
-
85
- def to_xml
86
- to_xml_elem.to_s
87
- end
88
-
89
- def as_xml
90
- attributes = {}
91
- attributes['service'] = @service
92
- attributes['userid'] = @username
93
- attributes['password'] = @password
94
- attributes['realm'] = @realm
95
- attributes['host'] = @host
96
- attributes['port'] = @port
97
-
98
- attributes['privilegeelevationtype'] = @priv_type if @priv_type
99
- attributes['privilegeelevationusername'] = @priv_username if @priv_username
100
- attributes['privilegeelevationpassword'] = @priv_password if @priv_password
101
-
102
- attributes['snmpv3authtype'] = @auth_type if @auth_type
103
- attributes['snmpv3privtype'] = @privacy_type if @privacy_type
104
- attributes['snmpv3privpassword'] = @privacy_password if @privacy_password
105
-
106
- xml = make_xml('adminCredentials', attributes, blob)
107
- xml.add_element(@headers.to_xml_elem) if @headers
108
- xml.add_element(@html_forms.to_xml_elem) if @html_forms
109
- xml
110
- end
111
- alias_method :to_xml_elem, :as_xml
112
-
113
- include Comparable
114
-
115
- def <=>(other)
116
- to_xml <=> other.to_xml
117
- end
118
-
119
- def eql?(other)
120
- to_xml == other.to_xml
121
- end
122
-
123
- def hash
124
- to_xml.hash
125
- end
126
-
127
- end
128
-
129
- # Object that represents Header name-value pairs, associated with Web Session Authentication.
130
- #
131
- class Header
132
- include XMLUtils
133
-
134
- # Name, one per Header
135
- attr_reader :name
136
- # Value, one per Header
137
- attr_reader :value
138
-
139
- # Construct with name value pair
140
- def initialize(name, value)
141
- @name = name
142
- @value = value
143
- end
144
-
145
- def as_xml
146
- attributes = {}
147
- attributes['name'] = @name
148
- attributes['value'] = @value
149
-
150
- make_xml('Header', attributes)
151
- end
152
- alias_method :to_xml_elem, :as_xml
153
- end
154
-
155
- # Object that represents Headers, associated with Web Session Authentication.
156
- #
157
- class Headers
158
- include XMLUtils
159
-
160
- # A regular expression used to match against the response to identify authentication failures.
161
- attr_reader :soft403
162
- # Base URL of the application for which the form authentication applies.
163
- attr_reader :webapproot
164
- # When using HTTP headers, this represents the set of headers to pass with the authentication request.
165
- attr_reader :headers
166
-
167
- def initialize(webapproot, soft403)
168
- @headers = []
169
- @webapproot = webapproot
170
- @soft403 = soft403
171
- end
172
-
173
- def add_header(header)
174
- @headers.push(header)
175
- end
176
-
177
- def as_xml
178
- attributes = {}
179
- attributes['webapproot'] = @webapproot
180
- attributes['soft403'] = @soft403
181
-
182
- xml = make_xml('Headers', attributes)
183
- @headers.each do |header|
184
- xml.add_element(header.to_xml_elem)
185
- end
186
- xml
187
- end
188
- alias_method :to_xml_elem, :as_xml
189
-
190
- end
191
-
192
- # When using HTML form, this represents the login form information.
193
- #
194
- class Field
195
- include XMLUtils
196
-
197
- # The name of the HTML field (form parameter).
198
- attr_reader :name
199
- # The value of the HTML field (form parameter).
200
- attr_reader :value
201
- # The type of the HTML field (form parameter).
202
- attr_reader :type
203
- # Is the HTML field (form parameter) dynamically generated? If so,
204
- # the login page is requested and the value of the field is extracted
205
- # from the response.
206
- attr_reader :dynamic
207
- # If the HTML field (form parameter) is a radio button, checkbox or select
208
- # field, this flag determines if the field should be checked (selected).
209
- attr_reader :checked
210
-
211
- def initialize(name, value, type, dynamic, checked)
212
- @name = name
213
- @value = value
214
- @type = type
215
- @dynamic = dynamic
216
- @checked = checked
217
- end
218
-
219
- def as_xml
220
- attributes = {}
221
- attributes['name'] = @name
222
- attributes['value'] = @value
223
- attributes['type'] = @type
224
- attributes['dynamic'] = @dynamic
225
- attributes['checked'] = @checked
226
-
227
- make_xml('Field', attributes)
228
- end
229
- alias_method :to_xml_elem, :as_xml
230
- end
231
-
232
- # When using HTML form, this represents the login form information.
233
- #
234
- class HTMLForm
235
- include XMLUtils
236
-
237
- # The name of the form being submitted.
238
- attr_reader :name
239
- # The HTTP action (URL) through which to submit the login form.
240
- attr_reader :action
241
- # The HTTP request method with which to submit the form.
242
- attr_reader :method
243
- # The HTTP encoding type with which to submit the form.
244
- attr_reader :enctype
245
- # The fields in the HTML Form
246
- attr_reader :fields
247
-
248
- def initialize(name, action, method, enctype)
249
- @name = name
250
- @action = action
251
- @method = method
252
- @enctype = enctype
253
- @fields = []
254
- end
255
-
256
- def add_field(field)
257
- @fields << field
258
- end
259
-
260
- def as_xml
261
- attributes = {}
262
- attributes['name'] = @name
263
- attributes['action'] = @action
264
- attributes['method'] = @method
265
- attributes['enctype'] = @enctype
266
-
267
- xml = make_xml('HTMLForm', attributes)
268
-
269
- fields.each() do |field|
270
- xml.add_element(field.to_xml_elem)
271
- end
272
- xml
273
- end
274
- alias_method :to_xml_elem, :as_xml
275
- end
276
-
277
- # When using HTML form, this represents the login form information.
278
- #
279
- class HTMLForms
280
- include XMLUtils
281
-
282
- # The URL of the login page containing the login form.
283
- attr_reader :parentpage
284
- # A regular expression used to match against the response to identify
285
- # authentication failures.
286
- attr_reader :soft403
287
- # Base URL of the application for which the form authentication applies.
288
- attr_reader :webapproot
289
- # The forms to authenticate with
290
- attr_reader :html_forms
291
-
292
- def initialize(parentpage, soft403, webapproot)
293
- @parentpage = parentpage
294
- @soft403 = soft403
295
- @webapproot = webapproot
296
- @html_forms = []
297
- end
298
-
299
- def add_html_form(html_form)
300
- @html_forms << html_form
301
- end
302
-
303
- def as_xml
304
- attributes = {}
305
- attributes['parentpage'] = @parentpage
306
- attributes['soft403'] = @soft403
307
- attributes['webapproot'] = @webapproot
308
-
309
- xml = make_xml('HTMLForms', attributes)
310
-
311
- html_forms.each() do |html_form|
312
- xml.add_element(html_form.to_xml_elem)
313
- end
314
- xml
315
- end
316
- alias_method :to_xml_elem, :as_xml
317
- end
318
-
319
- # When using ssh-key, this represents the PEM-format key-pair information.
320
- class PEMKey
321
- # TODO
322
- end
323
- end