nexpose 5.1.0 → 5.2.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 7623dcceb5d3d3c27dc38ec36c4d79e337ff1044
4
- data.tar.gz: 44a91ad0a5b482f9b4e2ff249405fc8bf1855595
3
+ metadata.gz: 226804f061b34388cd0155b1df7baf53feadac6c
4
+ data.tar.gz: 9999ed21b40eb28c4486abb55e16fd9663f0ce83
5
5
  SHA512:
6
- metadata.gz: d6dbf1f038b82d96689c56aa58caed2502b0e2021c7b3b8e5fd9a0099fa487c93fad78cb61b28892cd582e23332f15facd48c54664d64a2b560b8f8da726ea10
7
- data.tar.gz: 8078c7d299558f71874710768a19541283901c4045efa571f17e8e2869ea1033b9a89866463bb08bf4b42d264c21c3d0390f96d0e6d465876656d6191608505d
6
+ metadata.gz: b24bf8a742c9faf2e1cd66c8b603cc41229ecf3fe7840b235c4c33fae6c23bcbc782c1152f8b8c860457ef64b8f526c71b8763c25dc6d6533a616ba0a77c40a1
7
+ data.tar.gz: 9c1c6b3418dd18d1627de2955a0cd1fe151d86c2ae972e0bc35488832af377f57ae71d52aad31861719ab8ba964f510a1cc500d75a8cdab2463d019c83648b57
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- nexpose (5.1.0)
4
+ nexpose (5.2.0)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
@@ -21,6 +21,7 @@ GEM
21
21
  ast (~> 2.2)
22
22
  powerpack (0.1.1)
23
23
  rainbow (2.0.0)
24
+ rake (12.0.0)
24
25
  rspec (3.3.0)
25
26
  rspec-core (~> 3.3.0)
26
27
  rspec-expectations (~> 3.3.0)
@@ -59,8 +60,12 @@ DEPENDENCIES
59
60
  bundler (~> 1.3)
60
61
  codeclimate-test-reporter (~> 0.4.6)
61
62
  nexpose!
63
+ rake
62
64
  rspec (~> 3.2)
63
65
  rubocop
64
66
  simplecov (~> 0.9.1)
65
67
  vcr (~> 2.9.3)
66
68
  webmock (~> 1.20.4)
69
+
70
+ BUNDLED WITH
71
+ 1.13.6
@@ -17,7 +17,7 @@ Release notes are available on the [Releases](https://github.com/rapid7/nexpose-
17
17
 
18
18
  ## Contributions
19
19
 
20
- We welcome contributions to this package. Please see [CONTRIBUTING](CONTRIBUTING.md) for details.
20
+ We welcome contributions to this package. Please see [CONTRIBUTING](.github/CONTRIBUTING.md) for details.
21
21
 
22
22
  Our coding standards include:
23
23
 
@@ -58,7 +58,7 @@ module Nexpose
58
58
 
59
59
  def to_xml
60
60
  xml = '<Email'
61
- xml << %( toAllAuthorized='#{@toAllAuthorized ? 1 : 0}')
61
+ xml << %( toAllAuthorized='#{@to_all_authorized ? 1 : 0}')
62
62
  xml << %( sendToOwnerAs='#{@send_to_owner_as}') if @send_to_owner_as
63
63
  xml << %( sendToAclAs='#{@send_to_acl_as}') if @send_to_acl_as
64
64
  xml << %( sendAs='#{@send_as}') if @send_as
@@ -145,6 +145,18 @@ module Nexpose
145
145
  data.map(&AssetScan.method(:parse_json))
146
146
  end
147
147
  end
148
+
149
+ # Remove (or delete) one or more assets from a site.
150
+ # With asset linking enabled, this will remove the association
151
+ # of an asset from the given site. If this is the only site
152
+ # of which an asset is a member, the asset will be deleted.
153
+ # If asset linking is disabled, the assets will be deleted.
154
+ #
155
+ # @param [Array[Fixnum]] asset_ids The asset IDs to be removed from the site.
156
+ # @param [Fixnum] site_id The site ID to remove the assets from.
157
+ def remove_assets_from_site(asset_ids, site_id)
158
+ AJAX.post(self, "/data/assets/bulk-delete?siteid=#{site_id}", asset_ids, Nexpose::AJAX::CONTENT_TYPE::JSON)
159
+ end
148
160
  end
149
161
 
150
162
  # Object that represents a single device in a Nexpose security console.
@@ -32,6 +32,22 @@ module Nexpose
32
32
  response.eql?("true")
33
33
  end
34
34
 
35
+ # Kicks off an update on a single engine.
36
+ # A return result of true should be taken only to mean that the update
37
+ # was sent, not that it correctly applied.
38
+ #
39
+ # Nexpose::APIError will be raised if the engine is already updating,
40
+ # or if the engine is offline or unresponsive.
41
+ #
42
+ # @param [Fixnum] engine_id Unique ID of the engine.
43
+ # @return [Boolean] true if the update was sent
44
+ # or if engine is already up to date.
45
+ #
46
+ def update_engine(engine_id)
47
+ uri = "/data/engine/#{engine_id}/update"
48
+ AJAX.post(self, uri)
49
+ end
50
+
35
51
  # Provide a list of current scan activities for a specific Scan Engine.
36
52
  #
37
53
  # @return [Array[ScanSummary]] Array of ScanSummary objects associated with
@@ -53,8 +53,7 @@ module Nexpose
53
53
  #
54
54
  module Field
55
55
  # Search for an Asset by name.
56
- # Valid Operators: IS, IS_NOT, STARTS_WITH, ENDS_WITH, CONTAINS,
57
- # NOT_CONTAINS
56
+ # Valid Operators: IS, IS_NOT, STARTS_WITH, ENDS_WITH, CONTAINS, NOT_CONTAINS
58
57
  ASSET = 'ASSET'
59
58
 
60
59
  # Search for an Asset by CVE ID
@@ -90,8 +89,7 @@ module Nexpose
90
89
  CVSS_SCORE = 'CVSS_SCORE'
91
90
 
92
91
  # Valid Operators: IN, NOT_IN
93
- # Valid Values (See Value::HostType): UNKNOWN, VIRTUAL, HYPERVISOR,
94
- # BARE_METAL
92
+ # Valid Values (See Value::HostType): UNKNOWN, VIRTUAL, HYPERVISOR, BARE_METAL
95
93
  HOST_TYPE = 'HOST_TYPE'
96
94
 
97
95
  # Valid Operators: IN, NOT_IN
@@ -121,10 +119,10 @@ module Nexpose
121
119
  RISK_SCORE = 'RISK_SCORE'
122
120
 
123
121
  # Search based on the last scan date of an asset.
124
- # Valid Operators: ON_OR_BEFORE, ON_OR_AFTER, BETWEEN, EARLIER_THAN,
125
- # WITHIN_THE_LAST
126
- # Valid Values: Use Value::ScanDate::FORMAT for date arguments.
127
- # Use FixNum for day arguments.
122
+ # Valid Operators: ON_OR_BEFORE, ON_OR_AFTER, BETWEEN, EARLIER_THAN, WITHIN_THE_LAST
123
+ # Valid Values: Use FixNum of days for EARLIER_THAN and WITHIN_THE_LAST.
124
+ # See Value::ScanDate::FORMAT for how to generate String
125
+ # values for all other arguments.
128
126
  SCAN_DATE = 'SCAN_DATE'
129
127
 
130
128
  # Valid Operators: CONTAINS, NOT_CONTAINS
@@ -139,8 +137,7 @@ module Nexpose
139
137
  # Valid Operators: CONTAINS, NOT_CONTAINS
140
138
  SOFTWARE = 'SOFTWARE'
141
139
 
142
- # Valid Operators: IS, IS_NOT, GREATER_THAN, LESS_THAN, IS_APPLIED,
143
- # IS_NOT_APPLIED
140
+ # Valid Operators: IS, IS_NOT, GREATER_THAN, LESS_THAN, IS_APPLIED, IS_NOT_APPLIED
144
141
  # Valid Values: VERY_HIGH, HIGH, NORMAL, LOW, VERY_LOW
145
142
  USER_ADDED_CRITICALITY_LEVEL = 'TAG_CRITICALITY'
146
143
 
@@ -165,13 +162,11 @@ module Nexpose
165
162
  VULNERABILITY = 'VULNERABILITY'
166
163
 
167
164
  # Valid Operators: INCLUDE, DO_NOT_INCLUDE
168
- # Valid Values (See Value::VulnerabilityExposure): MALWARE, METASPLOIT,
169
- # DATABASE
165
+ # Valid Values (See Value::VulnerabilityExposure): MALWARE, METASPLOIT, DATABASE
170
166
  VULNERABILITY_EXPOSURES = 'VULNERABILITY_EXPOSURES'
171
167
 
172
168
  # Search by VULNERABILITY CATEGORY
173
- # Valid Operators: IS, IS_NOT, CONTAINS, NOT_CONTAINS, STARTS_WITH,
174
- # ENDS_WITH
169
+ # Valid Operators: IS, IS_NOT, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH
175
170
  VULN_CATEGORY = 'VULN_CATEGORY'
176
171
  end
177
172
 
@@ -258,6 +253,8 @@ module Nexpose
258
253
  # Constants for filtering on scan date.
259
254
  module ScanDate
260
255
  # Pass this format to #strftime() to get expected format for requests.
256
+ # For example:
257
+ # Time.now().strftime(Nexpose::Search::Value::ScanDate::FORMAT)
261
258
  FORMAT = '%m/%d/%Y'
262
259
  end
263
260
 
@@ -1,4 +1,4 @@
1
1
  module Nexpose
2
2
  # The latest version of the Nexpose gem
3
- VERSION = '5.1.0'
3
+ VERSION = '5.2.0'
4
4
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nexpose
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.1.0
4
+ version: 5.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - HD Moore
@@ -13,7 +13,7 @@ authors:
13
13
  autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
- date: 2016-08-26 00:00:00.000000000 Z
16
+ date: 2017-01-31 00:00:00.000000000 Z
17
17
  dependencies:
18
18
  - !ruby/object:Gem::Dependency
19
19
  name: bundler
@@ -57,6 +57,20 @@ dependencies:
57
57
  - - "~>"
58
58
  - !ruby/object:Gem::Version
59
59
  version: 0.9.1
60
+ - !ruby/object:Gem::Dependency
61
+ name: rake
62
+ requirement: !ruby/object:Gem::Requirement
63
+ requirements:
64
+ - - ">="
65
+ - !ruby/object:Gem::Version
66
+ version: '0'
67
+ type: :development
68
+ prerelease: false
69
+ version_requirements: !ruby/object:Gem::Requirement
70
+ requirements:
71
+ - - ">="
72
+ - !ruby/object:Gem::Version
73
+ version: '0'
60
74
  - !ruby/object:Gem::Dependency
61
75
  name: rspec
62
76
  requirement: !ruby/object:Gem::Requirement
@@ -127,7 +141,6 @@ extensions: []
127
141
  extra_rdoc_files:
128
142
  - README.markdown
129
143
  files:
130
- - CONTRIBUTING.md
131
144
  - COPYING
132
145
  - Gemfile
133
146
  - Gemfile.lock
@@ -193,7 +206,6 @@ files:
193
206
  - lib/nexpose/vuln_exception.rb
194
207
  - lib/nexpose/wait.rb
195
208
  - lib/nexpose/web_credentials.rb
196
- - nexpose.gemspec
197
209
  homepage: https://github.com/rapid7/nexpose-client
198
210
  licenses:
199
211
  - BSD
@@ -214,9 +226,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
214
226
  version: '0'
215
227
  requirements: []
216
228
  rubyforge_project:
217
- rubygems_version: 2.4.6
229
+ rubygems_version: 2.5.1
218
230
  signing_key:
219
231
  specification_version: 4
220
232
  summary: Ruby API for Rapid7 Nexpose
221
233
  test_files: []
222
- has_rdoc:
@@ -1,91 +0,0 @@
1
- # Contributing to nexpose-client
2
-
3
- The users and maintainers of nexpose-client would greatly appreciate any contributions
4
- you can make to the project. These contributions typically come in the form of
5
- filed bugs/issues or pull requests (PRs). These contributions routinely result
6
- in new versions of the [nexpose-client
7
- gem](https://rubygems.org/gems/nexpose-client) and the
8
- [nexpose-client release](https://github.com/rapid7/nexpose-client/releases) to be released. The
9
- process for each is outlined below.
10
-
11
- ## Contributing Issues / Bug Reports
12
-
13
- If you encounter any bugs or problems with nexpose-client, please file them
14
- [here](https://github.com/rapid7/nexpose-client/issues/new), providing as much detail as
15
- possible. If the bug is straight-forward enough and you understand the fix for
16
- the bug well enough, you may take the simpler, less-paperwork route and simply
17
- file a PR with the fix and the necessary details.
18
-
19
- ## Contributing Code
20
-
21
- nexpose-client uses a model nearly identical to that of
22
- [Metasploit](https://github.com/rapid7/metasploit-framework) as outlined
23
- [here](https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment),
24
- at least from a ```git``` perspective. If you've been through that process
25
- (or, even better, you've been through it many times with many people), you can
26
- do exactly what you did for Metasploit but with nexpose-client and ignore the rest of
27
- this document.
28
-
29
- On the other hand, if you haven't, read on!
30
-
31
- ### Fork and Clone
32
-
33
- Generally, this should only need to be done once, or if you need to start over.
34
-
35
- 1. Fork nexpose-client: Visit https://github.com/rapid7/nexpose-client and click Fork,
36
- selecting your github account if prompted
37
- 2. Clone ```git@github.com:<your-github-username>/nexpose-client.git```, replacing
38
- ```<your-github-username>``` with, you guessed it, your Github username.
39
- 3. Add the master nexpose-client repository as your upstream:
40
- ```
41
- git remote add upstream git://github.com/rapid7/nexpose-client.git
42
- git fetch --all
43
- ```
44
-
45
- ### Branch and Improve
46
-
47
- If you have a contribution to make, first create a branch to contain your
48
- work. The name is yours to choose, however generally it should roughly
49
- describe what you are doing. In this example, and from here on out, the
50
- branch will be wow, but you should change this.
51
-
52
- ```
53
- git fetch --all
54
- git checkout master
55
- git rebase upstream/master
56
- git checkout -b wow
57
- ```
58
-
59
- Now, make your changes, committing as necessary, using useful commit messages:
60
-
61
- ```
62
- vim CONTRIBUTING.md
63
- git add CONTRIBUTING.md
64
- git commit -m "Adds a document on how to contribute to nexpose-client." -a
65
- ```
66
-
67
- Please note that changes to [lib/nexpose/version.rb](https://github.com/rapid7/nexpose-client/blob/master/lib/nexpose/version.rb) in PRs are almost never necessary.
68
-
69
- Now push your changes to your fork:
70
-
71
- ```
72
- git push origin wow
73
- ```
74
-
75
- Finally, submit the PR. Navigate to ```https://github.com/<your-github-username>/nexpose-client/compare/wow```, fill in the details, and submit.
76
-
77
- ## Releasing New Versions
78
-
79
- Typically this process is reserved for contributors with push permissions to
80
- nexpose-client:
81
-
82
- ### Release New Gem
83
-
84
- 1. Get an account on [Rubygems](https://rubygems.org)
85
- 2. Contact one of the nexpose-client project contributors and have them add you to the nexpose-client gem
86
- 3. Edit [lib/nexpose/version.rb](https://github.com/rapid7/nexpose-client/blob/master/lib/nexpose/version.rb) and increment ```VERSION```. Commit and push to origin/upstream master.
87
- 4. Run ```rake release```
88
-
89
- ### Github Release
90
-
91
- Some users may prefer to consume nexpose-client in a manner other than using git itself. For that reason, Github offers [Releases](https://github.com/blog/1547-release-your-software). Whenever a new version of the software is to be released, be kind and also create a new [Release](https://github.com/rapid7/nexpose-client/releases), using a versioning scheme identical to that used for the gem.
@@ -1,28 +0,0 @@
1
- # encoding: utf-8
2
- lib = File.expand_path('../lib', __FILE__)
3
- $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
- require 'nexpose/version'
5
-
6
- Gem::Specification.new do |s|
7
- s.name = 'nexpose'
8
- s.version = Nexpose::VERSION
9
- s.homepage = 'https://github.com/rapid7/nexpose-client'
10
- s.summary = 'Ruby API for Rapid7 Nexpose'
11
- s.description = 'This gem provides a Ruby API to the Nexpose vulnerability management product by Rapid7.'
12
- s.license = 'BSD'
13
- s.authors = ['HD Moore', 'Chris Lee', 'Michael Daines', 'Brandon Turner', 'Gavin Schneider', 'Scott Green']
14
- s.email = ['hd_moore@rapid7.com', 'christopher_lee@rapid7.com', 'michael_daines@rapid7.com', 'brandon_turner@rapid7.com', 'gavin_schneider@rapid7.com', 'scott_green@rapid7.com']
15
- s.files = Dir['[A-Z]*'] + Dir['lib/**/*']
16
- s.require_paths = ['lib']
17
- s.extra_rdoc_files = ['README.markdown']
18
- s.required_ruby_version = '>= 2.1'
19
- s.platform = 'ruby'
20
-
21
- s.add_development_dependency('bundler', '~> 1.3')
22
- s.add_development_dependency('codeclimate-test-reporter', '~> 0.4.6')
23
- s.add_development_dependency('simplecov', '~> 0.9.1')
24
- s.add_development_dependency('rspec', '~> 3.2')
25
- s.add_development_dependency('rubocop')
26
- s.add_development_dependency('webmock', '~> 1.20.4')
27
- s.add_development_dependency('vcr', '~> 2.9.3')
28
- end