nexpose 3.2.0 → 3.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +5 -3
  3. data/lib/nexpose.rb +2 -0
  4. data/lib/nexpose/manage.rb +19 -0
  5. data/lib/nexpose/scheduled_backup.rb +85 -0
  6. data/lib/nexpose/scheduled_maintenance.rb +90 -0
  7. data/lib/nexpose/version.rb +1 -1
  8. data/lib/nexpose/vuln.rb +1 -0
  9. metadata +6 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 21a667918d8b90c0e4c4973bf75c5dca00ea27a6
4
- data.tar.gz: 627a5f8bf4f1317fe753dd6707cf13384722f094
3
+ metadata.gz: 8ad0041be128712796475321b8b6866cc1c28509
4
+ data.tar.gz: 24eec90003a73b8cad10bda5d77e0c39ae7bd932
5
5
  SHA512:
6
- metadata.gz: ded568b5819049f20ce3b346389a5bdce391895060ba8f0a2cf20bb7057b934fc892689fb61def7b9aa7fbd701176b539160425875fd99b543c9dd80c422fded
7
- data.tar.gz: 16a60054fc1af1aecebc4534378efc3b8b84b37e3063f0107cb4d36ce23a489e5387b5399c067046770741913ee513104ea058448fdc94c0e83c154b9b67a995
6
+ metadata.gz: e06af399eb90fd5a65ce07b1d68c6fa0c740d173680c6adbc95508a232cd7783968031b80178155a54f485f75b616da0cd964e1e36732052c3e41334f3e5f398
7
+ data.tar.gz: af24f65ecf732076ff96bc3f486d04754c3f16410def4194c44193ff97c73a50929adf3bb63d21c0cfb94cda25549b1bd843ca9de9b1bf59b23ff6595f75cf2e
data/Gemfile.lock CHANGED
@@ -1,7 +1,8 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- nexpose (3.2.0)
4
+ nexpose (2.1.3)
5
+ multipart-post (~> 2.0.0)
5
6
 
6
7
  GEM
7
8
  remote: https://rubygems.org/
@@ -16,7 +17,8 @@ GEM
16
17
  safe_yaml (~> 1.0.0)
17
18
  diff-lcs (1.2.5)
18
19
  docile (1.1.5)
19
- multi_json (1.10.1)
20
+ multi_json (1.11.0)
21
+ multipart-post (2.0.0)
20
22
  parser (2.2.0.3)
21
23
  ast (>= 1.1, < 3.0)
22
24
  powerpack (0.1.0)
@@ -25,7 +27,7 @@ GEM
25
27
  rspec-core (~> 3.2.0)
26
28
  rspec-expectations (~> 3.2.0)
27
29
  rspec-mocks (~> 3.2.0)
28
- rspec-core (3.2.1)
30
+ rspec-core (3.2.2)
29
31
  rspec-support (~> 3.2.0)
30
32
  rspec-expectations (3.2.0)
31
33
  diff-lcs (>= 1.2.0, < 2.0)
data/lib/nexpose.rb CHANGED
@@ -92,6 +92,8 @@ require 'nexpose/report_template'
92
92
  require 'nexpose/role'
93
93
  require 'nexpose/scan'
94
94
  require 'nexpose/scan_template'
95
+ require 'nexpose/scheduled_backup'
96
+ require 'nexpose/scheduled_maintenance'
95
97
  require 'nexpose/shared_secret'
96
98
  require 'nexpose/silo'
97
99
  require 'nexpose/silo_profile'
data/lib/nexpose/manage.rb CHANGED
@@ -43,6 +43,25 @@ module Nexpose
43
43
  end
44
44
  end
45
45
 
46
+ # Obtain the version information for each scan engine.
47
+ # Includes Product, Content, and Java versions.
48
+ #
49
+ def engine_versions
50
+ info = console_command('version engines')
51
+ versions = []
52
+ engines = info.sub('VERSION INFORMATION\n', '').split(/\n\n/)
53
+ engines.each do |eng|
54
+ engdata = {}
55
+ eng.split(/\n/).each do |kv|
56
+ key, value = kv.split(/:\s*/)
57
+ key = key.sub('Local Engine ', '').sub('Remote Engine ', '')
58
+ engdata[key] = value
59
+ end
60
+ versions << engdata
61
+ end
62
+ versions
63
+ end
64
+
46
65
  # Induce the application to retrieve required updates and restart
47
66
  # if necessary.
48
67
  #
data/lib/nexpose/scheduled_backup.rb ADDED
@@ -0,0 +1,85 @@
1
+ module Nexpose
2
+ # Configuration structure for scheduled backups.
3
+ class ScheduledBackup < APIObject
4
+ require 'json'
5
+ include JsonSerializer
6
+
7
+ # Whether or not this schedule is enabled. Defaults to true if not set
8
+ attr_accessor :enabled
9
+ # Valid schedule types: daily, hourly, monthly-date, monthly-day, weekly.
10
+ attr_accessor :schedule_type
11
+ # The repeat interval based upon type.
12
+ attr_accessor :schedule_interval
13
+ # The earliest date to generate the report on (in ISO 8601 format).
14
+ attr_accessor :schedule_start
15
+ # The description of the backup. Defaults to nil if not set
16
+ attr_accessor :description
17
+ # Whether the backup will be platform independent or not. Defaults to true if not set
18
+ attr_accessor :platform_independent
19
+ # Whether the backup should pause all local scans or wait for local scans to complete. Defaults to true if not set
20
+ attr_accessor :pause_local_scans
21
+ # Number of minutes to wait for running scans to pause/complete before aborting the backup task. Defaults to 0 if not set
22
+ attr_accessor :cancellation_window
23
+
24
+ def initialize(start:, enabled: true, type:, interval:, platform_independent: true, description: nil, pause_local_scans: true, cancellation_window: 0)
25
+ @schedule_start = start
26
+ @enabled = enabled
27
+ @schedule_type = type
28
+ @schedule_interval = interval.to_i
29
+ @platform_independent = platform_independent
30
+ @description = description
31
+ @pause_local_scans = pause_local_scans
32
+ @cancellation_window = cancellation_window.to_i
33
+ end
34
+
35
+ def to_json
36
+ JSON.generate(to_h)
37
+ end
38
+
39
+ def save(nsc)
40
+ params = to_json
41
+ AJAX.post(nsc, '/api/2.1/schedule_backup/', params, AJAX::CONTENT_TYPE::JSON)
42
+ end
43
+
44
+ def self.from_hash(hash)
45
+ repeat_backup_hash = hash[:repeat_type]
46
+ backup = new(start: hash[:start_date],
47
+ enabled: hash[:enabled],
48
+ type: repeat_backup_hash[:type],
49
+ interval: repeat_backup_hash[:interval],
50
+ platform_independent: hash[:platform_independent],
51
+ description: hash[:description],
52
+ pause_local_scans: hash[:pause_local_scans],
53
+ cancellation_window: hash[:cancellation_window])
54
+ backup
55
+ end
56
+
57
+ def to_h
58
+ backup_hash = {
59
+ start_date: @schedule_start,
60
+ enabled: @enabled,
61
+ description: @description,
62
+ platform_independent: @platform_independent,
63
+ pause_local_scans: @pause_local_scans,
64
+ cancellation_window: @cancellation_window
65
+ }
66
+ repeat_hash = {
67
+ type: @schedule_type,
68
+ interval: @schedule_interval
69
+ }
70
+ backup_hash[:repeat_type] = repeat_hash
71
+ backup_hash
72
+ end
73
+
74
+ def self.load(nsc)
75
+ uri = '/api/2.1/schedule_backup/'
76
+ resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
77
+ hash = JSON.parse(resp, symbolize_names: true).first
78
+ Nexpose::ScheduledBackup.from_hash(hash || [])
79
+ end
80
+
81
+ def self.delete(nsc)
82
+ AJAX.delete(nsc, '/api/2.1/schedule_backup/', AJAX::CONTENT_TYPE::JSON)
83
+ end
84
+ end
85
+ end
data/lib/nexpose/scheduled_maintenance.rb ADDED
@@ -0,0 +1,90 @@
1
+ module Nexpose
2
+ # Configuration structure for scheduled maintenance.
3
+ class ScheduledMaintenance < APIObject
4
+ require 'json'
5
+ include JsonSerializer
6
+
7
+ # Whether or not this maintenance schedule is enabled. Defaults to true if not set
8
+ attr_accessor :enabled
9
+ # Valid schedule types: daily, hourly, monthly-date, monthly-day, weekly.
10
+ attr_accessor :schedule_type
11
+ # The repeat interval based upon type.
12
+ attr_accessor :schedule_interval
13
+ # The earliest date to generate the report on (in ISO 8601 format).
14
+ attr_accessor :schedule_start
15
+ # Whether the reindex task should run. Defaults to true if not set
16
+ attr_accessor :reindex
17
+ # Whether the compression task should run. Defaults to true if not set
18
+ attr_accessor :compress
19
+ # Whether the cleanup task should run. Defaults to true if not set
20
+ attr_accessor :cleanup
21
+ # Whether the maintenance should pause all local scans or wait for local scans to complete. Defaults to true if not set
22
+ attr_accessor :pause_local_scans
23
+ # Number of minutes to wait for running scans to pause/complete before aborting the maintenance task. Defaults to 0 if not set
24
+ attr_accessor :cancellation_window
25
+
26
+ def initialize(start:, enabled: true, type:, interval:, reindex: false, compress: true, cleanup: true, pause_local_scans: true, cancellation_window: 0)
27
+ @schedule_start = start
28
+ @enabled = enabled
29
+ @schedule_type = type
30
+ @schedule_interval = interval.to_i
31
+ @reindex = reindex
32
+ @compress = compress
33
+ @cleanup = cleanup
34
+ @pause_local_scans = pause_local_scans
35
+ @cancellation_window = cancellation_window.to_i
36
+ end
37
+
38
+ def to_json
39
+ JSON.generate(to_h)
40
+ end
41
+
42
+ def save(nsc)
43
+ params = to_json
44
+ AJAX.post(nsc, '/api/2.1/schedule_maintenance/', params, AJAX::CONTENT_TYPE::JSON)
45
+ end
46
+
47
+ def self.from_hash(hash)
48
+ repeat_backup_hash = hash[:repeat_type]
49
+ backup = new(start: hash[:start_date],
50
+ enabled: hash[:enabled],
51
+ type: repeat_backup_hash[:type],
52
+ interval: repeat_backup_hash[:interval],
53
+ reindex: hash[:reindex],
54
+ compress: hash[:compression],
55
+ cleanup: hash[:cleanup],
56
+ pause_local_scans: hash[:pause_local_scans],
57
+ cancellation_window: hash[:cancellation_window])
58
+ backup
59
+ end
60
+
61
+ def to_h
62
+ maintenance_hash = {
63
+ start_date: @schedule_start,
64
+ enabled: @enabled,
65
+ cleanup: @cleanup,
66
+ reindex: @reindex,
67
+ compression: @compress,
68
+ pause_local_scans: @pause_local_scans,
69
+ cancellation_window: @cancellation_window
70
+ }
71
+ repeat_hash = {
72
+ type: @schedule_type,
73
+ interval: @schedule_interval
74
+ }
75
+ maintenance_hash[:repeat_type] = repeat_hash
76
+ maintenance_hash
77
+ end
78
+
79
+ def self.load(nsc)
80
+ uri = '/api/2.1/schedule_maintenance/'
81
+ resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
82
+ hash = JSON.parse(resp, symbolize_names: true).first
83
+ Nexpose::ScheduledMaintenance.from_hash(hash || [])
84
+ end
85
+
86
+ def self.delete(nsc)
87
+ AJAX.delete(nsc, '/api/2.1/schedule_maintenance/', AJAX::CONTENT_TYPE::JSON)
88
+ end
89
+ end
90
+ end
data/lib/nexpose/version.rb CHANGED
@@ -1,4 +1,4 @@
1
1
  module Nexpose
2
2
  # The latest version of the Nexpose gem
3
- VERSION = '3.2.0'
3
+ VERSION = '3.3.0'
4
4
  end
data/lib/nexpose/vuln.rb CHANGED
@@ -297,6 +297,7 @@ module Nexpose
297
297
  end
298
298
 
299
299
  # An instance of a vulnerability discovered on an asset.
300
+ # Accessible from {Nexpose::Asset#vulnerability_instances}.
300
301
  #
301
302
  class VulnerabilityInstance < APIObject
302
303
  # ID of the asset where the vulnerability instance was detected.
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nexpose
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.2.0
4
+ version: 3.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - HD Moore
@@ -13,7 +13,7 @@ authors:
13
13
  autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
- date: 2016-01-20 00:00:00.000000000 Z
16
+ date: 2016-04-06 00:00:00.000000000 Z
17
17
  dependencies:
18
18
  - !ruby/object:Gem::Dependency
19
19
  name: bundler
@@ -174,6 +174,8 @@ files:
174
174
  - lib/nexpose/role.rb
175
175
  - lib/nexpose/scan.rb
176
176
  - lib/nexpose/scan_template.rb
177
+ - lib/nexpose/scheduled_backup.rb
178
+ - lib/nexpose/scheduled_maintenance.rb
177
179
  - lib/nexpose/shared_credential.rb
178
180
  - lib/nexpose/shared_secret.rb
179
181
  - lib/nexpose/silo.rb
@@ -212,8 +214,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
212
214
  version: '0'
213
215
  requirements: []
214
216
  rubyforge_project:
215
- rubygems_version: 2.4.8
217
+ rubygems_version: 2.4.6
216
218
  signing_key:
217
219
  specification_version: 4
218
220
  summary: Ruby API for Rapid7 Nexpose
219
221
  test_files: []
222
+ has_rdoc: