nexpose 6.1.1 → 7.0.0

data/lib/nexpose/filter.rb

@@ -100,7 +100,7 @@ module Nexpose
       # Valid Values (See Value::IPType): IPv4, IPv6
       IP_ALT_ADDRESS_TYPE = 'IP_ALT_ADDRESS_TYPE'
 
-      # Valid Operators: IS, IS_NOT, IN_RANGE, NOT_IN_RANGE, IN, NOT_IN
+      # Valid Operators: IS, IS_NOT, IN_RANGE, NOT_IN_RANGE, IN, NOT_IN, LIKE, NOT_LIKE
       IP_ADDRESS = 'IP_RANGE'
       IP_RANGE = IP_ADDRESS
 
@@ -197,6 +197,8 @@ module Nexpose
       DO_NOT_INCLUDE = 'DO_NOT_INCLUDE'
       IS_APPLIED = 'IS_APPLIED'
       IS_NOT_APPLIED = 'IS_NOT_APPLIED'
+      LIKE = 'LIKE'
+      NOT_LIKE = 'NOT_LIKE'
     end
 
     # Specialized values used by certain search fields

data/lib/nexpose/scan.rb

@@ -235,7 +235,7 @@ module Nexpose
         xml.add_element('range', 'from' => asset.from, 'to' => asset.to)
       else  # Assume HostName
         host = REXML::Element.new('host')
-        host.text = asset.host
+        host.text = asset
         xml.add_element(host)
       end
     end
@@ -769,6 +769,8 @@ module Nexpose
     attr_reader :type
     # Name of the engine where the scan was run. Not the unique ID.
     attr_reader :engine_name
+    # Name of the scan that was assigned.
+    attr_reader :scan_name
 
     # Internal constructor to be called by #parse_json.
     def initialize(&block)
@@ -790,6 +792,7 @@ module Nexpose
         @risk_score = json['riskScore']
         @type = json['startedByCD'] == 'S' ? :scheduled : :manual
         @engine_name = json['scanEngineName']
+        @scan_name = json['scanName']
       end
     end
 
@@ -822,6 +825,7 @@ module Nexpose
         @risk_score = json['riskScore']
         @type = json['Scan Type'] == 'Manual' ? :manual : :scheduled
         @engine_name = json['Scan Engine']
+        @scan_name = json['Scan Name']
       end
     end
 

data/lib/nexpose/shared_credential.rb

@@ -35,8 +35,12 @@ module Nexpose
     attr_accessor :domain
     # User name.
     attr_accessor :username
+    alias :user_name :username
+    alias :user_name= :username=
     # User name to use when elevating permissions (e.g., sudo).
     attr_accessor :privilege_username
+    alias :permission_elevation_user :privilege_username
+    alias :permission_elevation_user= :privilege_username=
     # Boolean to indicate whether this credential applies to all sites.
     attr_accessor :all_sites
     # When this credential was last modified.
@@ -79,8 +83,12 @@ module Nexpose
     attr_accessor :pem_key
     # Password to use when elevating permissions (e.g., sudo).
     attr_accessor :privilege_password
+    alias :permission_elevation_password :privilege_password
+    alias :permission_elevation_password= :privilege_password=
     # Permission elevation type. See Nexpose::Credential::ElevationType.
     attr_accessor :privilege_type
+    alias :permission_elevation_type :privilege_type
+    alias :permission_elevation_type= :privilege_type=
     # Privacty password of SNMP v3 credential
     attr_accessor :privacy_password
     # Authentication type of SNMP v3 credential
@@ -98,8 +106,9 @@ module Nexpose
     attr_accessor :disabled
 
     def initialize(name, id = -1)
-      @name, @id = name, id.to_i
-      @sites = []
+      @name     = name
+      @id       = id.to_i
+      @sites    = []
       @disabled = []
     end
 
@@ -168,7 +177,7 @@ module Nexpose
 
     # Test this credential against a target where the credentials should apply.
     # Only works for a newly created credential. Loading an existing credential
-    # will likely fail.
+    # will likely fail due to the API not sending password.
     #
     # @param [Connection] nsc An active connection to the security console.
     # @param [String] target Target host to check credentials against.
@@ -177,7 +186,7 @@ module Nexpose
     #
     def test(nsc, target, engine_id = nil, siteid = -1)
       unless engine_id
-        engine_id = nsc.engines.find { |e| e.name == 'Local scan engine' }.id
+        engine_id = nsc.engines.detect { |e| e.name == 'Local scan engine' }.id
       end
       @port = Credential::DEFAULT_PORTS[@service] if @port.nil?
       parameters = _to_param(target, engine_id, @port, siteid)
@@ -186,7 +195,6 @@ module Nexpose
       result.attributes['success'].to_i == 1
     end
 
-
     def _to_param(target, engine_id, port, siteid)
       { engineid: engine_id,
         sc_creds_dev: target,

data/lib/nexpose/site_credentials.rb

@@ -56,6 +56,50 @@ module Nexpose
     # scope of credential
     attr_accessor :scope
 
+    # Test this credential against a target where the credentials should apply.
+    # Only works for a newly created credential. Loading an existing credential
+    # will likely fail due to the API not sending password.
+    #
+    # @param [Connection] nsc An active connection to the security console.
+    # @param [String] target Target host to check credentials against.
+    # @param [Fixnum] engine_id ID of the engine to use for testing credentials.
+    #    Will default to the local engine if none is provided.
+    # @param [Fixnum] siteid
+    # @return [Boolean] If the credential is able to connect to the target.
+    #
+    def test(nsc, target, engine_id = nil, siteid = -1)
+      unless engine_id
+        engine_id = nsc.engines.detect { |e| e.name == 'Local scan engine' }.id
+      end
+      @port = Credential::DEFAULT_PORTS[@service] if @port.nil?
+      parameters = _to_param(target, engine_id, @port, siteid)
+      parameters = JSON.generate(parameters)
+      resp = JSON.parse(Nexpose::AJAX.post(nsc, '/data/credential/test', parameters, Nexpose::AJAX::CONTENT_TYPE::JSON))
+      resp['success'] == 'true'
+    end
+
+
+    def _to_param(target, engine_id, port, siteid)
+      {
+        dev: target,
+        port: port,
+        siteID: siteid,
+        engineID: engine_id,
+        service: @service,
+        domain: @domain,
+        database: @database,
+        userName: @user_name,
+        password: @password,
+        privilegeElevationUserName: @permission_elevation_user,
+        privilegeElevationPassword: @permission_elevation_password,
+        privilegeElevationType: @permission_elevation_type,
+        pemkey: @pem_format_private_key,
+        snmpv3AuthType: @authentication_type,
+        snmpv3PrivType: @privacy_type,
+        snmpv3PrivPassword: @privacy_password
+      }
+    end
+
     #Create a credential object using name, id, description, host and port
     def self.for_service(name, id = -1, desc = nil, host = nil, port = nil, service = Credential::Service::CIFS)
       cred = new
@@ -88,6 +132,7 @@ module Nexpose
     # Copy an existing configuration from a Nexpose instance.
     # Returned object will reset the credential ID and append "Copy" to the existing
     # name.
+    # Reminder: The password field will not be populated due to the API not sending password.
     #
     # @param [Connection] connection Connection to the security console.
     # @param [String] id Unique identifier of an site.
@@ -95,23 +140,24 @@ module Nexpose
     # @return [SiteCredentials] Site credential loaded from a Nexpose console.
     #
     def self.copy(connection, site_id, credential_id)
-      siteCredential = self.load(connection, site_id, credential_id)
-      siteCredential.id = -1
-      siteCredential.name = "#{siteCredential.name} Copy"
-      siteCredential
+      site_credential      = self.load(connection, site_id, credential_id)
+      site_credential.id   = -1
+      site_credential.name = "#{site_credential.name} Copy"
+      site_credential
     end
 
     # Copy an existing configuration from a site credential.
     # Returned object will reset the credential ID and append "Copy" to the existing
     # name.
+    # Reminder: The password field will not be populated due to the API not sending password.
     #
-    # @param [siteCredential] site credential to be copied.
     # @return [SiteCredentials] modified.
     #
-    def self.copy(siteCredential)
-      siteCredential.id = -1
-      siteCredential.name = "#{siteCredential.name} Copy"
-      siteCredential
+    def copy
+      site_credential      = self.clone
+      site_credential.id   = -1
+      site_credential.name = "#{site_credential.name} Copy"
+      site_credential
     end
 
     def to_json

data/lib/nexpose/version.rb

@@ -1,4 +1,4 @@
 module Nexpose
   # The latest version of the Nexpose gem
-  VERSION = '6.1.1'
+  VERSION = '7.0.0'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nexpose
 version: !ruby/object:Gem::Version
-  version: 6.1.1
+  version: 7.0.0
 platform: ruby
 authors:
 - HD Moore
@@ -13,7 +13,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-07-24 00:00:00.000000000 Z
+date: 2017-08-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -127,6 +127,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 2.9.3
+- !ruby/object:Gem::Dependency
+  name: github_changelog_generator
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.9.12.6
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.9.12.6
 description: This gem provides a Ruby API to the Nexpose vulnerability management
   product by Rapid7.
 email:
@@ -141,6 +169,7 @@ extensions: []
 extra_rdoc_files:
 - README.markdown
 files:
+- CHANGELOG.md
 - COPYING
 - Gemfile
 - Gemfile.lock
@@ -158,6 +187,7 @@ files:
 - lib/nexpose/connection.rb
 - lib/nexpose/console.rb
 - lib/nexpose/credential.rb
+- lib/nexpose/credential_helper.rb
 - lib/nexpose/dag.rb
 - lib/nexpose/data_table.rb
 - lib/nexpose/device.rb