nexpose 6.1.1 → 7.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -100,7 +100,7 @@ module Nexpose
100
100
  # Valid Values (See Value::IPType): IPv4, IPv6
101
101
  IP_ALT_ADDRESS_TYPE = 'IP_ALT_ADDRESS_TYPE'
102
102
 
103
- # Valid Operators: IS, IS_NOT, IN_RANGE, NOT_IN_RANGE, IN, NOT_IN
103
+ # Valid Operators: IS, IS_NOT, IN_RANGE, NOT_IN_RANGE, IN, NOT_IN, LIKE, NOT_LIKE
104
104
  IP_ADDRESS = 'IP_RANGE'
105
105
  IP_RANGE = IP_ADDRESS
106
106
 
@@ -197,6 +197,8 @@ module Nexpose
197
197
  DO_NOT_INCLUDE = 'DO_NOT_INCLUDE'
198
198
  IS_APPLIED = 'IS_APPLIED'
199
199
  IS_NOT_APPLIED = 'IS_NOT_APPLIED'
200
+ LIKE = 'LIKE'
201
+ NOT_LIKE = 'NOT_LIKE'
200
202
  end
201
203
 
202
204
  # Specialized values used by certain search fields
@@ -235,7 +235,7 @@ module Nexpose
235
235
  xml.add_element('range', 'from' => asset.from, 'to' => asset.to)
236
236
  else # Assume HostName
237
237
  host = REXML::Element.new('host')
238
- host.text = asset.host
238
+ host.text = asset
239
239
  xml.add_element(host)
240
240
  end
241
241
  end
@@ -769,6 +769,8 @@ module Nexpose
769
769
  attr_reader :type
770
770
  # Name of the engine where the scan was run. Not the unique ID.
771
771
  attr_reader :engine_name
772
+ # Name of the scan that was assigned.
773
+ attr_reader :scan_name
772
774
 
773
775
  # Internal constructor to be called by #parse_json.
774
776
  def initialize(&block)
@@ -790,6 +792,7 @@ module Nexpose
790
792
  @risk_score = json['riskScore']
791
793
  @type = json['startedByCD'] == 'S' ? :scheduled : :manual
792
794
  @engine_name = json['scanEngineName']
795
+ @scan_name = json['scanName']
793
796
  end
794
797
  end
795
798
 
@@ -822,6 +825,7 @@ module Nexpose
822
825
  @risk_score = json['riskScore']
823
826
  @type = json['Scan Type'] == 'Manual' ? :manual : :scheduled
824
827
  @engine_name = json['Scan Engine']
828
+ @scan_name = json['Scan Name']
825
829
  end
826
830
  end
827
831
 
@@ -35,8 +35,12 @@ module Nexpose
35
35
  attr_accessor :domain
36
36
  # User name.
37
37
  attr_accessor :username
38
+ alias :user_name :username
39
+ alias :user_name= :username=
38
40
  # User name to use when elevating permissions (e.g., sudo).
39
41
  attr_accessor :privilege_username
42
+ alias :permission_elevation_user :privilege_username
43
+ alias :permission_elevation_user= :privilege_username=
40
44
  # Boolean to indicate whether this credential applies to all sites.
41
45
  attr_accessor :all_sites
42
46
  # When this credential was last modified.
@@ -79,8 +83,12 @@ module Nexpose
79
83
  attr_accessor :pem_key
80
84
  # Password to use when elevating permissions (e.g., sudo).
81
85
  attr_accessor :privilege_password
86
+ alias :permission_elevation_password :privilege_password
87
+ alias :permission_elevation_password= :privilege_password=
82
88
  # Permission elevation type. See Nexpose::Credential::ElevationType.
83
89
  attr_accessor :privilege_type
90
+ alias :permission_elevation_type :privilege_type
91
+ alias :permission_elevation_type= :privilege_type=
84
92
  # Privacty password of SNMP v3 credential
85
93
  attr_accessor :privacy_password
86
94
  # Authentication type of SNMP v3 credential
@@ -98,8 +106,9 @@ module Nexpose
98
106
  attr_accessor :disabled
99
107
 
100
108
  def initialize(name, id = -1)
101
- @name, @id = name, id.to_i
102
- @sites = []
109
+ @name = name
110
+ @id = id.to_i
111
+ @sites = []
103
112
  @disabled = []
104
113
  end
105
114
 
@@ -168,7 +177,7 @@ module Nexpose
168
177
 
169
178
  # Test this credential against a target where the credentials should apply.
170
179
  # Only works for a newly created credential. Loading an existing credential
171
- # will likely fail.
180
+ # will likely fail due to the API not sending password.
172
181
  #
173
182
  # @param [Connection] nsc An active connection to the security console.
174
183
  # @param [String] target Target host to check credentials against.
@@ -177,7 +186,7 @@ module Nexpose
177
186
  #
178
187
  def test(nsc, target, engine_id = nil, siteid = -1)
179
188
  unless engine_id
180
- engine_id = nsc.engines.find { |e| e.name == 'Local scan engine' }.id
189
+ engine_id = nsc.engines.detect { |e| e.name == 'Local scan engine' }.id
181
190
  end
182
191
  @port = Credential::DEFAULT_PORTS[@service] if @port.nil?
183
192
  parameters = _to_param(target, engine_id, @port, siteid)
@@ -186,7 +195,6 @@ module Nexpose
186
195
  result.attributes['success'].to_i == 1
187
196
  end
188
197
 
189
-
190
198
  def _to_param(target, engine_id, port, siteid)
191
199
  { engineid: engine_id,
192
200
  sc_creds_dev: target,
@@ -56,6 +56,50 @@ module Nexpose
56
56
  # scope of credential
57
57
  attr_accessor :scope
58
58
 
59
+ # Test this credential against a target where the credentials should apply.
60
+ # Only works for a newly created credential. Loading an existing credential
61
+ # will likely fail due to the API not sending password.
62
+ #
63
+ # @param [Connection] nsc An active connection to the security console.
64
+ # @param [String] target Target host to check credentials against.
65
+ # @param [Fixnum] engine_id ID of the engine to use for testing credentials.
66
+ # Will default to the local engine if none is provided.
67
+ # @param [Fixnum] siteid
68
+ # @return [Boolean] If the credential is able to connect to the target.
69
+ #
70
+ def test(nsc, target, engine_id = nil, siteid = -1)
71
+ unless engine_id
72
+ engine_id = nsc.engines.detect { |e| e.name == 'Local scan engine' }.id
73
+ end
74
+ @port = Credential::DEFAULT_PORTS[@service] if @port.nil?
75
+ parameters = _to_param(target, engine_id, @port, siteid)
76
+ parameters = JSON.generate(parameters)
77
+ resp = JSON.parse(Nexpose::AJAX.post(nsc, '/data/credential/test', parameters, Nexpose::AJAX::CONTENT_TYPE::JSON))
78
+ resp['success'] == 'true'
79
+ end
80
+
81
+
82
+ def _to_param(target, engine_id, port, siteid)
83
+ {
84
+ dev: target,
85
+ port: port,
86
+ siteID: siteid,
87
+ engineID: engine_id,
88
+ service: @service,
89
+ domain: @domain,
90
+ database: @database,
91
+ userName: @user_name,
92
+ password: @password,
93
+ privilegeElevationUserName: @permission_elevation_user,
94
+ privilegeElevationPassword: @permission_elevation_password,
95
+ privilegeElevationType: @permission_elevation_type,
96
+ pemkey: @pem_format_private_key,
97
+ snmpv3AuthType: @authentication_type,
98
+ snmpv3PrivType: @privacy_type,
99
+ snmpv3PrivPassword: @privacy_password
100
+ }
101
+ end
102
+
59
103
  #Create a credential object using name, id, description, host and port
60
104
  def self.for_service(name, id = -1, desc = nil, host = nil, port = nil, service = Credential::Service::CIFS)
61
105
  cred = new
@@ -88,6 +132,7 @@ module Nexpose
88
132
  # Copy an existing configuration from a Nexpose instance.
89
133
  # Returned object will reset the credential ID and append "Copy" to the existing
90
134
  # name.
135
+ # Reminder: The password field will not be populated due to the API not sending password.
91
136
  #
92
137
  # @param [Connection] connection Connection to the security console.
93
138
  # @param [String] id Unique identifier of an site.
@@ -95,23 +140,24 @@ module Nexpose
95
140
  # @return [SiteCredentials] Site credential loaded from a Nexpose console.
96
141
  #
97
142
  def self.copy(connection, site_id, credential_id)
98
- siteCredential = self.load(connection, site_id, credential_id)
99
- siteCredential.id = -1
100
- siteCredential.name = "#{siteCredential.name} Copy"
101
- siteCredential
143
+ site_credential = self.load(connection, site_id, credential_id)
144
+ site_credential.id = -1
145
+ site_credential.name = "#{site_credential.name} Copy"
146
+ site_credential
102
147
  end
103
148
 
104
149
  # Copy an existing configuration from a site credential.
105
150
  # Returned object will reset the credential ID and append "Copy" to the existing
106
151
  # name.
152
+ # Reminder: The password field will not be populated due to the API not sending password.
107
153
  #
108
- # @param [siteCredential] site credential to be copied.
109
154
  # @return [SiteCredentials] modified.
110
155
  #
111
- def self.copy(siteCredential)
112
- siteCredential.id = -1
113
- siteCredential.name = "#{siteCredential.name} Copy"
114
- siteCredential
156
+ def copy
157
+ site_credential = self.clone
158
+ site_credential.id = -1
159
+ site_credential.name = "#{site_credential.name} Copy"
160
+ site_credential
115
161
  end
116
162
 
117
163
  def to_json
@@ -1,4 +1,4 @@
1
1
  module Nexpose
2
2
  # The latest version of the Nexpose gem
3
- VERSION = '6.1.1'
3
+ VERSION = '7.0.0'
4
4
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nexpose
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.1.1
4
+ version: 7.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - HD Moore
@@ -13,7 +13,7 @@ authors:
13
13
  autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
- date: 2017-07-24 00:00:00.000000000 Z
16
+ date: 2017-08-31 00:00:00.000000000 Z
17
17
  dependencies:
18
18
  - !ruby/object:Gem::Dependency
19
19
  name: bundler
@@ -127,6 +127,34 @@ dependencies:
127
127
  - - "~>"
128
128
  - !ruby/object:Gem::Version
129
129
  version: 2.9.3
130
+ - !ruby/object:Gem::Dependency
131
+ name: github_changelog_generator
132
+ requirement: !ruby/object:Gem::Requirement
133
+ requirements:
134
+ - - ">="
135
+ - !ruby/object:Gem::Version
136
+ version: '0'
137
+ type: :development
138
+ prerelease: false
139
+ version_requirements: !ruby/object:Gem::Requirement
140
+ requirements:
141
+ - - ">="
142
+ - !ruby/object:Gem::Version
143
+ version: '0'
144
+ - !ruby/object:Gem::Dependency
145
+ name: pry
146
+ requirement: !ruby/object:Gem::Requirement
147
+ requirements:
148
+ - - '='
149
+ - !ruby/object:Gem::Version
150
+ version: 0.9.12.6
151
+ type: :development
152
+ prerelease: false
153
+ version_requirements: !ruby/object:Gem::Requirement
154
+ requirements:
155
+ - - '='
156
+ - !ruby/object:Gem::Version
157
+ version: 0.9.12.6
130
158
  description: This gem provides a Ruby API to the Nexpose vulnerability management
131
159
  product by Rapid7.
132
160
  email:
@@ -141,6 +169,7 @@ extensions: []
141
169
  extra_rdoc_files:
142
170
  - README.markdown
143
171
  files:
172
+ - CHANGELOG.md
144
173
  - COPYING
145
174
  - Gemfile
146
175
  - Gemfile.lock
@@ -158,6 +187,7 @@ files:
158
187
  - lib/nexpose/connection.rb
159
188
  - lib/nexpose/console.rb
160
189
  - lib/nexpose/credential.rb
190
+ - lib/nexpose/credential_helper.rb
161
191
  - lib/nexpose/dag.rb
162
192
  - lib/nexpose/data_table.rb
163
193
  - lib/nexpose/device.rb