nexpose 2.0.2 → 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/nexpose/scan_template.rb +96 -10
- data/lib/nexpose/silo_profile.rb +1 -1
- data/lib/nexpose/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 66817396a7b72235d96f4349658d982731f19220
|
|
4
|
+
data.tar.gz: 8eb90d767993a6dc3232f32ebe41dd78d5643c69
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fa0dd9f478eb1226251800645824d13b832e5a39bd90f7d8587883e6b3b579d819fd56021fb16492a837ef7a245865dc82bd6b6ab0640b62aa6d9ad59d041d80
|
|
7
|
+
data.tar.gz: 8b1029a519ed52d8506bc9c0141c68c375bdea3a5a7fc1c8aaddb3b409a7a6d42ce0c740f252891c4cc5fee9e788141f3b6e6e5e5a795864132f5d1ea2a1e60c
|
data/Gemfile.lock
CHANGED
|
@@ -312,13 +312,28 @@ module Nexpose
|
|
|
312
312
|
checks.attributes['potential'] = enable ? '1' : '0'
|
|
313
313
|
end
|
|
314
314
|
|
|
315
|
-
# Get a list of the check categories
|
|
315
|
+
# Get a list of the check categories disabled for this scan template.
|
|
316
316
|
#
|
|
317
317
|
# @return [Array[String]] List of enabled categories.
|
|
318
318
|
#
|
|
319
|
+
def disabled_checks_by_category
|
|
320
|
+
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled')
|
|
321
|
+
checks ? checks.elements.to_a('VulnCategory').map { |c| c.attributes['name'] } : []
|
|
322
|
+
end
|
|
323
|
+
|
|
324
|
+
# @deprecated Use {#enabled_checks_by_category} instead
|
|
319
325
|
def checks_by_category
|
|
326
|
+
warn "[DEPRECATED] Use #{self.class}#enabled_checks_by_category instead of #{self.class}##{__method__}"
|
|
327
|
+
enabled_checks_by_category
|
|
328
|
+
end
|
|
329
|
+
|
|
330
|
+
# Get a list of the check categories enabled for this scan template.
|
|
331
|
+
#
|
|
332
|
+
# @return [Array[String]] List of enabled categories.
|
|
333
|
+
#
|
|
334
|
+
def enabled_checks_by_category
|
|
320
335
|
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
|
|
321
|
-
checks.elements.to_a('VulnCategory').map { |c| c.attributes['name'] }
|
|
336
|
+
checks ? checks.elements.to_a('VulnCategory').map { |c| c.attributes['name'] } : []
|
|
322
337
|
end
|
|
323
338
|
|
|
324
339
|
# Enable checks by category for this template.
|
|
@@ -346,13 +361,28 @@ module Nexpose
|
|
|
346
361
|
_remove_check(category, 'VulnCategory')
|
|
347
362
|
end
|
|
348
363
|
|
|
349
|
-
# Get a list of the check types
|
|
364
|
+
# Get a list of the check types disabled for this scan template.
|
|
350
365
|
#
|
|
351
366
|
# @return [Array[String]] List of enabled check types.
|
|
352
367
|
#
|
|
368
|
+
def disabled_checks_by_type
|
|
369
|
+
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled')
|
|
370
|
+
checks ? checks.elements.to_a('CheckType').map { |c| c.attributes['name'] } : []
|
|
371
|
+
end
|
|
372
|
+
|
|
373
|
+
# @deprecated Use {#enabled_checks_by_type} instead
|
|
353
374
|
def checks_by_type
|
|
375
|
+
warn "[DEPRECATED] Use #{self.class}#enabled_checks_by_type instead of #{self.class}##{__method__}"
|
|
376
|
+
enabled_checks_by_type
|
|
377
|
+
end
|
|
378
|
+
|
|
379
|
+
# Get a list of the check types enabled for this scan template.
|
|
380
|
+
#
|
|
381
|
+
# @return [Array[String]] List of enabled check types.
|
|
382
|
+
#
|
|
383
|
+
def enabled_checks_by_type
|
|
354
384
|
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
|
|
355
|
-
checks.elements.to_a('CheckType').map { |c| c.attributes['name'] }
|
|
385
|
+
checks ? checks.elements.to_a('CheckType').map { |c| c.attributes['name'] } : []
|
|
356
386
|
end
|
|
357
387
|
|
|
358
388
|
# Enable checks by type for this template.
|
|
@@ -383,13 +413,15 @@ module Nexpose
|
|
|
383
413
|
def _enable_check(check, elem)
|
|
384
414
|
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
|
|
385
415
|
checks.elements.delete("Disabled/#{elem}[@name='#{check}']")
|
|
386
|
-
checks.elements['Enabled'].add_element(
|
|
416
|
+
enabled_checks = checks.elements['Enabled'] || checks.add_element('Enabled')
|
|
417
|
+
enabled_checks.add_element(elem, { 'name' => check })
|
|
387
418
|
end
|
|
388
419
|
|
|
389
420
|
def _disable_check(check, elem)
|
|
390
421
|
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
|
|
391
422
|
checks.elements.delete("Enabled/#{elem}[@name='#{check}']")
|
|
392
|
-
checks.elements['Disabled'].add_element(
|
|
423
|
+
disabled_checks = checks.elements['Disabled'] || checks.add_element('Disabled')
|
|
424
|
+
disabled_checks.add_element(elem, { 'name' => check })
|
|
393
425
|
end
|
|
394
426
|
|
|
395
427
|
def _remove_check(check, elem)
|
|
@@ -398,13 +430,28 @@ module Nexpose
|
|
|
398
430
|
checks.elements.delete("Enabled/#{elem}[@name='#{check}']")
|
|
399
431
|
end
|
|
400
432
|
|
|
433
|
+
# @deprecated Use {#enabled_vuln_checks} instead
|
|
434
|
+
def vuln_checks
|
|
435
|
+
warn "[DEPRECATED] Use #{self.class}#enabled_vuln_checks instead of #{self.class}##{__method__}"
|
|
436
|
+
enabled_vuln_checks
|
|
437
|
+
end
|
|
438
|
+
|
|
401
439
|
# Get a list of the individual vuln checks enabled for this scan template.
|
|
402
440
|
#
|
|
403
441
|
# @return [Array[String]] List of enabled vulnerability checks.
|
|
404
442
|
#
|
|
405
|
-
def
|
|
443
|
+
def enabled_vuln_checks
|
|
406
444
|
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
|
|
407
|
-
checks.elements.to_a('Check').map { |c| c.attributes['id'] }
|
|
445
|
+
checks ? checks.elements.to_a('Check').map { |c| c.attributes['id'] } : []
|
|
446
|
+
end
|
|
447
|
+
|
|
448
|
+
# Get a list of the individual vuln checks disabled for this scan template.
|
|
449
|
+
#
|
|
450
|
+
# @return [Array[String]] List of enabled vulnerability checks.
|
|
451
|
+
#
|
|
452
|
+
def disabled_vuln_checks
|
|
453
|
+
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled')
|
|
454
|
+
checks ? checks.elements.to_a('Check').map { |c| c.attributes['id'] } : []
|
|
408
455
|
end
|
|
409
456
|
|
|
410
457
|
# Enable individual check for this template.
|
|
@@ -414,7 +461,8 @@ module Nexpose
|
|
|
414
461
|
def enable_vuln_check(check_id)
|
|
415
462
|
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
|
|
416
463
|
checks.elements.delete("Disabled/Check[@id='#{check_id}']")
|
|
417
|
-
checks.elements['Enabled'].add_element('
|
|
464
|
+
enabled_checks = checks.elements['Enabled'] || checks.add_element('Enabled')
|
|
465
|
+
enabled_checks.add_element('Check', { 'id' => check_id })
|
|
418
466
|
end
|
|
419
467
|
|
|
420
468
|
# Disable individual check for this template.
|
|
@@ -424,7 +472,8 @@ module Nexpose
|
|
|
424
472
|
def disable_vuln_check(check_id)
|
|
425
473
|
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
|
|
426
474
|
checks.elements.delete("Enabled/Check[@id='#{check_id}']")
|
|
427
|
-
checks.elements['Disabled'].add_element('
|
|
475
|
+
disabled_checks = checks.elements['Disabled'] || checks.add_element('Disabled')
|
|
476
|
+
disabled_checks.add_element('Check', { 'id' => check_id })
|
|
428
477
|
end
|
|
429
478
|
|
|
430
479
|
# Remove individual check for this template. Removes both enabled and
|
|
@@ -491,5 +540,42 @@ module Nexpose
|
|
|
491
540
|
def delete(nsc)
|
|
492
541
|
nsc.delete_scan_template(id)
|
|
493
542
|
end
|
|
543
|
+
|
|
544
|
+
# Enable or disable asset configuration scanning for this template. If
|
|
545
|
+
# the level is not "full", "default" or "none", this is a no-op.
|
|
546
|
+
#
|
|
547
|
+
# @param [String] "full" to enable asset configuration logging, and
|
|
548
|
+
# "default" or "none" to disable it.
|
|
549
|
+
def aces_level=(level)
|
|
550
|
+
return if level.nil?
|
|
551
|
+
return unless ['full', 'default', 'none'].include? level.downcase
|
|
552
|
+
logging = REXML::XPath.first(@xml, 'ScanTemplate/Logging')
|
|
553
|
+
if (logging.nil?)
|
|
554
|
+
logging = REXML::Element.new('Logging')
|
|
555
|
+
@xml.add_element(logging)
|
|
556
|
+
end
|
|
557
|
+
aces = REXML::XPath.first(logging, 'aces')
|
|
558
|
+
if (aces.nil?)
|
|
559
|
+
aces = REXML::Element.new('aces')
|
|
560
|
+
logging.add_element(aces)
|
|
561
|
+
end
|
|
562
|
+
aces.attributes['level'] = level
|
|
563
|
+
end
|
|
564
|
+
|
|
565
|
+
# @return [String] the asset configuration logging value for this
|
|
566
|
+
# template.
|
|
567
|
+
def aces_level
|
|
568
|
+
logging = REXML::XPath.first(@xml, 'ScanTemplate/Logging')
|
|
569
|
+
return 'default' if logging.nil?
|
|
570
|
+
aces = REXML::XPath.first(logging, 'aces')
|
|
571
|
+
return 'default' if aces.nil?
|
|
572
|
+
return aces.attributes['level']
|
|
573
|
+
end
|
|
574
|
+
|
|
575
|
+
# @return [Boolean] whether asset configuration scanning is enabled for
|
|
576
|
+
# this template.
|
|
577
|
+
def aces_enabled?
|
|
578
|
+
return 'full' == aces_level
|
|
579
|
+
end
|
|
494
580
|
end
|
|
495
581
|
end
|
data/lib/nexpose/silo_profile.rb
CHANGED
|
@@ -107,7 +107,7 @@ module Nexpose
|
|
|
107
107
|
begin
|
|
108
108
|
update(connection)
|
|
109
109
|
rescue APIError => error
|
|
110
|
-
raise error unless (error.message =~ /
|
|
110
|
+
raise error unless (error.message =~ /silo profile(\S*|.*?)does not exist/i)
|
|
111
111
|
create(connection)
|
|
112
112
|
end
|
|
113
113
|
end
|
data/lib/nexpose/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nexpose
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0
|
|
4
|
+
version: 2.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- HD Moore
|
|
@@ -13,7 +13,7 @@ authors:
|
|
|
13
13
|
autorequire:
|
|
14
14
|
bindir: bin
|
|
15
15
|
cert_chain: []
|
|
16
|
-
date: 2015-
|
|
16
|
+
date: 2015-10-07 00:00:00.000000000 Z
|
|
17
17
|
dependencies:
|
|
18
18
|
- !ruby/object:Gem::Dependency
|
|
19
19
|
name: rex
|