nexpose 7.0.0 → 7.0.1

data/lib/nexpose/vuln_def.rb

@@ -8,7 +8,7 @@ module Nexpose
     # @return [Array[VulnerabilityDefinition]] Collection of vulnerability definitions.
     #
     def all_vulns
-      uri = '/api/2.0/vulnerability_definitions'
+      uri  = '/api/2.0/vulnerability_definitions'
       resp = AJAX.get(self, uri, AJAX::CONTENT_TYPE::JSON, per_page: 2_147_483_647)
       json = JSON.parse(resp, symbolize_names: true)
       json[:resources].map { |e| VulnerabilityDefinition.new.object_from_hash(self, e) }
@@ -20,7 +20,7 @@ module Nexpose
     # @return [Array[VulnerabilityDefinition]] A list of vuln definitions which check the CVE.
     #
     def find_vulns_by_cve(cve)
-      uri = '/api/2.0/vulnerability_definitions'
+      uri  = '/api/2.0/vulnerability_definitions'
       resp = AJAX.get(self, uri, AJAX::CONTENT_TYPE::JSON, cve: cve)
       json = JSON.parse(resp, symbolize_names: true)
       json[:resources].map { |e| VulnerabilityDefinition.new.object_from_hash(self, e) }
@@ -40,7 +40,7 @@ module Nexpose
     #   check the vulnerability.
     #
     def find_vulns_by_ref(source, id)
-      uri = '/api/2.0/vulnerability_definitions'
+      uri  = '/api/2.0/vulnerability_definitions'
       resp = AJAX.get(self,
                       uri,
                       AJAX::CONTENT_TYPE::JSON,
@@ -62,10 +62,10 @@ module Nexpose
     #   the provided value.
     #
     def find_vulns_by_title(title, all_words = true)
-      uri = '/api/2.0/vulnerability_definitions'
+      uri    = '/api/2.0/vulnerability_definitions'
       params = { title: title, all_words: all_words }
-      resp = AJAX.get(self, uri, AJAX::CONTENT_TYPE::JSON, params)
-      json = JSON.parse(resp, symbolize_names: true)
+      resp   = AJAX.get(self, uri, AJAX::CONTENT_TYPE::JSON, params)
+      json   = JSON.parse(resp, symbolize_names: true)
       json[:resources].map { |e| VulnerabilityDefinition.new.object_from_hash(self, e) }
     end
   end
@@ -121,7 +121,7 @@ module Nexpose
     # @return [VulnerabilityDefinition] The requested vulnerability definition, if found.
     #
     def self.load(nsc, id)
-      uri = "/api/2.0/vulnerability_definitions/#{id}"
+      uri  = "/api/2.0/vulnerability_definitions/#{id}"
       resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
       hash = JSON.parse(resp, symbolize_names: true)
       new.object_from_hash(nsc, hash)

data/lib/nexpose/vuln_exception.rb

@@ -60,11 +60,9 @@ module Nexpose
         results << ve
       end
       results.keep_if { |v| v.status == status } unless status.nil?
-      return results
+      results
     end
-
-    alias_method :vuln_exceptions, :list_vuln_exceptions
-
+    alias vuln_exceptions list_vuln_exceptions
 
     # Resubmit a vulnerability exception request with a new comment and reason
     # after an exception has been rejected.
@@ -80,10 +78,10 @@ module Nexpose
     # @return [Boolean] Whether or not the resubmission was valid.
     #
     def resubmit_vuln_exception(id, comment, reason = nil)
-      options = { 'exception-id' => id }
+      options           = { 'exception-id' => id }
       options['reason'] = reason if reason
-      xml = make_xml('VulnerabilityExceptionResubmitRequest', options)
-      comment_xml = make_xml('comment', {}, comment, false)
+      xml               = make_xml('VulnerabilityExceptionResubmitRequest', options)
+      comment_xml       = make_xml('comment', {}, comment, false)
       xml.add_element(comment_xml)
       r = execute(xml, '1.2')
       r.success
@@ -115,22 +113,21 @@ module Nexpose
       execute(xml, '1.2').success
     end
 
-
     private
 
-      def is_valid_vuln_exception_status?(status)
-        return true if status.nil?
-        valid_status = []
-        Nexpose::VulnException::Status.constants.each {|con| valid_status << Nexpose::VulnException::Status.const_get(con) }
-        valid_status << Nexpose::VulnException::Status.constants.map(&:to_s).map(&:downcase)
-        valid_status.flatten.map(&:downcase).include?(status.downcase)
-      end
+    def is_valid_vuln_exception_status?(status)
+      return true if status.nil?
+      valid_status = []
+      Nexpose::VulnException::Status.constants.each { |con| valid_status << Nexpose::VulnException::Status.const_get(con) }
+      valid_status << Nexpose::VulnException::Status.constants.map(&:to_s).map(&:downcase)
+      valid_status.flatten.map(&:downcase).include?(status.downcase)
+    end
 
-      def status_string_to_constant(status)
-        Nexpose::VulnException::Status.constants.find do |name|
-          Nexpose::VulnException::Status.const_get(name).to_s.downcase==status.downcase || status.to_sym.downcase == name.downcase
-        end
+    def status_string_to_constant(status)
+      Nexpose::VulnException::Status.constants.find do |name|
+        Nexpose::VulnException::Status.const_get(name).to_s.downcase == status.downcase || status.to_sym.downcase == name.downcase
       end
+    end
 
   end
 
@@ -138,13 +135,13 @@ module Nexpose
   #
   # Certain attributes are necessary for some exception scopes, even though
   # they are optional otherwise.
-  # • An exception for all instances of a vulnerability on all assets only
+  # - An exception for all instances of a vulnerability on all assets only
   #   requires the vuln_id attribute. The asset_id, vuln_key and port
   #   attributes are ignored for this scope type.
-  # • An exception for all instances on a specific asset requires the vuln_id
+  # - An exception for all instances on a specific asset requires the vuln_id
   #   and asset_id attributes. The vuln_key and port attributes are ignored for
   #   this scope type.
-  # • An exception for a specific instance of a vulnerability on a specific
+  # - An exception for a specific instance of a vulnerability on a specific
   #   asset requires the vuln_id, asset_id. Additionally, the port and/or the
   #   key attribute must be specified.
   #
@@ -169,8 +166,8 @@ module Nexpose
     attr_accessor :scope
     # ID of asset, if this exception applies to only one asset.
     attr_accessor :asset_id
-    alias :device_id :asset_id
-    alias :device_id= :asset_id=
+    alias device_id asset_id
+    alias device_id= asset_id=
     # Id of the site, if this exception applies to all instances on a site
     attr_accessor :site_id
     # ID of the Asset Group, if this exception applies to all instances on an asset group
@@ -193,9 +190,11 @@ module Nexpose
     # Date when Submit occurred [Time]
     attr_accessor :submit_date
 
-
     def initialize(vuln_id, scope, reason, status = nil)
-      @vuln_id, @scope, @reason, @status = vuln_id, scope, reason, status
+      @vuln_id = vuln_id
+      @scope   = scope
+      @reason  = reason
+      @status  = status
     end
 
     # Submit this exception on the security console.
@@ -413,27 +412,27 @@ module Nexpose
     #
     module Status
       UNDER_REVIEW = 'Under Review'
-      APPROVED = 'Approved'
-      REJECTED = 'Rejected'
-      DELETED = 'Deleted'
+      APPROVED     = 'Approved'
+      REJECTED     = 'Rejected'
+      DELETED      = 'Deleted'
     end
 
     # The reason for the exception status.
     #
     module Reason
-      FALSE_POSITIVE = 'False Positive'
+      FALSE_POSITIVE       = 'False Positive'
       COMPENSATING_CONTROL = 'Compensating Control'
-      ACCEPTABLE_USE = 'Acceptable Use'
-      ACCEPTABLE_RISK = 'Acceptable Risk'
-      OTHER = 'Other'
+      ACCEPTABLE_USE       = 'Acceptable Use'
+      ACCEPTABLE_RISK      = 'Acceptable Risk'
+      OTHER                = 'Other'
     end
 
     # The scope of the exception.
     #
     module Scope
-      ALL_INSTANCES = 'All Instances'
-      ALL_INSTANCES_ON_A_SPECIFIC_ASSET = 'All Instances on a Specific Asset'
-      ALL_INSTANCES_IN_A_SPECIFIC_SITE = 'All Instances in a Specific Site'
+      ALL_INSTANCES                       = 'All Instances'
+      ALL_INSTANCES_ON_A_SPECIFIC_ASSET   = 'All Instances on a Specific Asset'
+      ALL_INSTANCES_IN_A_SPECIFIC_SITE    = 'All Instances in a Specific Site'
       SPECIFIC_INSTANCE_OF_SPECIFIC_ASSET = 'Specific Instance of Specific Asset'
     end
   end

data/lib/nexpose/wait.rb

@@ -1,12 +1,13 @@
 module Nexpose
+
   class Wait
     attr_reader :error_message, :ready, :retry_count, :timeout, :polling_interval
 
     def initialize(retry_count: nil, timeout: nil, polling_interval: nil)
-      @error_message = 'Default General Failure in Nexpose::Wait'
-      @ready = false
-      @retry_count = retry_count.to_i
-      @timeout = timeout
+      @error_message    = 'Default General Failure in Nexpose::Wait'
+      @ready            = false
+      @retry_count      = retry_count.to_i
+      @timeout          = timeout
       @polling_interval = polling_interval
     end
 
@@ -18,49 +19,49 @@ module Nexpose
       poller = Nexpose::Poller.new(timeout: @timeout, polling_interval: @polling_interval)
       poller.wait(report_status_proc(nexpose_connection: nexpose_connection, report_id: report_id))
       @ready = true
-      rescue TimeoutError
-        @ready = false
-        retry if timeout_retry?
-        @error_message = "Timeout Waiting for Report to Generate - Report Config ID: #{report_id}"
-      rescue NoMethodError => error
-        @ready = false
-        @error_message = "Error Report Config ID: #{report_id} :: Report Probably Does Not Exist :: #{error}"
-      rescue => error
-        @ready = false
-        @error_message = "Error Report Config ID: #{report_id} :: #{error}"
+    rescue Timeout::Error
+      @ready = false
+      retry if timeout_retry?
+      @error_message = "Timeout Waiting for Report to Generate - Report Config ID: #{report_id}"
+    rescue NoMethodError => error
+      @ready = false
+      @error_message = "Error Report Config ID: #{report_id} :: Report Probably Does Not Exist :: #{error}"
+    rescue => error
+      @ready = false
+      @error_message = "Error Report Config ID: #{report_id} :: #{error}"
     end
 
     def for_integration(nexpose_connection:, scan_id:, status: 'finished')
       poller = Nexpose::Poller.new(timeout: @timeout, polling_interval: @polling_interval)
       poller.wait(integration_status_proc(nexpose_connection: nexpose_connection, scan_id: scan_id, status: status))
       @ready = true
-      rescue TimeoutError
-        @ready = false
-        retry if timeout_retry?
-        @error_message = "Timeout Waiting for Integration Status of '#{status}' - Scan ID: #{scan_id}"
-      rescue Nexpose::APIError => error
-        @ready = false
-        @error_message = "API Error Waiting for Integration Scan ID: #{scan_id} :: #{error.req.error}"
+    rescue Timeout::Error
+      @ready = false
+      retry if timeout_retry?
+      @error_message = "Timeout Waiting for Integration Status of '#{status}' - Scan ID: #{scan_id}"
+    rescue Nexpose::APIError => error
+      @ready = false
+      @error_message = "API Error Waiting for Integration Scan ID: #{scan_id} :: #{error.req.error}"
     end
 
     def for_judgment(proc:, desc:)
       poller = Nexpose::Poller.new(timeout: @timeout, polling_interval: @polling_interval)
       poller.wait(proc)
       @ready = true
-      rescue TimeoutError
-        @ready = false
-        retry if timeout_retry?
-        @error_message = "Timeout Waiting for Judgment to Judge. #{desc}"
+    rescue Timeout::Error
+      @ready = false
+      retry if timeout_retry?
+      @error_message = "Timeout Waiting for Judgment to Judge. #{desc}"
     end
 
     private
 
     def report_status_proc(nexpose_connection:, report_id:)
-      Proc.new { nexpose_connection.last_report(report_id).status == 'Generated' }
+      proc { nexpose_connection.last_report(report_id).status == 'Generated' }
     end
 
     def integration_status_proc(nexpose_connection:, scan_id:, status:)
-      Proc.new { nexpose_connection.scan_status(scan_id).downcase == status.downcase }
+      proc { nexpose_connection.scan_status(scan_id).downcase == status.downcase }
     end
 
     def timeout_retry?
@@ -71,6 +72,7 @@ module Nexpose
         false
       end
     end
+
   end
 
   class Poller
@@ -89,7 +91,7 @@ module Nexpose
       @poll_begin = Time.now
       loop do
         break if condition.call
-        raise TimeoutError if @poll_begin + @timeout < Time.now
+        raise Timeout::Error if @poll_begin + @timeout < Time.now
         sleep @polling_interval
       end
     end
@@ -105,5 +107,7 @@ module Nexpose
       default_polling = 1
       ENV['GLOBAL_POLLING_INTERVAL'].nil? ? default_polling : ENV['GLOBAL_POLLING_INTERVAL']
     end
+
   end
+
 end

data/lib/nexpose/web_credentials.rb

@@ -4,14 +4,13 @@ module Nexpose
   module WebCredentials
 
     module WebAppAuthType
-      HTML_FORM = 'htmlform'  # Represent HTML form credentials.
+      HTML_FORM   = 'htmlform' # Represent HTML form credentials.
       HTTP_HEADER = 'httpheaders' # Represent HTTP header credentials.
     end
 
     # Object that represents Header name-value pairs, associated with Web Session Authentication.
     #
     class Header
-
       # Name, one per Header
       attr_reader :name
       # Value, one per Header
@@ -19,7 +18,7 @@ module Nexpose
 
       # Construct with name value pair
       def initialize(name, value)
-        @name = name
+        @name  = name
         @value = value
       end
 
@@ -28,16 +27,16 @@ module Nexpose
       end
 
       def to_h
-        header = Hash.new
+        header        = {}
         header[@name] = @value
         header
       end
+
     end
 
     # Object that represents Headers, associated with Web Session Authentication.
     #
     class Headers < APIObject
-
       # A regular expression used to match against the response to identify authentication failures.
       attr_reader :soft403Pattern
       # Base URL of the application for which the form authentication applies.
@@ -48,20 +47,19 @@ module Nexpose
       attr_reader :name
       # is this enable for the site configuration
       attr_accessor :enabled
-      #service type of header
+      # service type of header
       attr_reader :service
       # id of the header
       attr_reader :id
 
-
       def initialize(name, baseURL, soft403Pattern, id = -1, enabled = true)
-        @headers = {}
-        @name = name
-        @baseURL = baseURL
+        @headers        = {}
+        @name           = name
+        @baseURL        = baseURL
         @soft403Pattern = soft403Pattern
-        @service = WebAppAuthType::HTTP_HEADER
-        @enabled = enabled
-        @id = id
+        @service        = WebAppAuthType::HTTP_HEADER
+        @enabled        = enabled
+        @id             = id
       end
 
       def add_header(header)
@@ -79,8 +77,7 @@ module Nexpose
           name: name,
           headers: headers,
           baseURL: baseURL,
-          soft403Pattern: soft403Pattern
-        }
+          soft403Pattern: soft403Pattern }
       end
 
       def ==(other)
@@ -96,7 +93,8 @@ module Nexpose
         baseURL.eql?(other.baseURL) &&
         soft403Pattern.eql?(other.soft403Pattern)
       end
-   end
+
+    end
 
     # When using HTML form, this represents the login form information.
     #
@@ -116,9 +114,9 @@ module Nexpose
       attr_reader :checked
 
       def initialize(name, value, type, dynamic, checked)
-        @name = name
-        @value = value
-        @type = type
+        @name    = name
+        @value   = value
+        @type    = type
         @dynamic = dynamic
         @checked = checked
       end
@@ -136,12 +134,12 @@ module Nexpose
           checked: checked
         }
       end
+
     end
 
     # When using HTML form, this represents the login form information.
     #
     class HTMLForm
-
       # The name of the form being submitted.
       attr_reader :name
       # The HTTP action (URL) through which to submit the login form.
@@ -154,11 +152,11 @@ module Nexpose
       attr_reader :fields
 
       def initialize(name, action, method, encType)
-        @name = name
-        @action = action
-        @method = method
+        @name    = name
+        @action  = action
+        @method  = method
         @encType = encType
-        @fields = []
+        @fields  = []
       end
 
       def add_field(field)
@@ -175,9 +173,9 @@ module Nexpose
           method: method,
           encType: encType,
           fields: fields,
-          parentPage: action
-        }
+          parentPage: action }
       end
+
     end
 
     # When using HTML form, this represents the login form information.
@@ -194,7 +192,7 @@ module Nexpose
       attr_reader :name
       # is this enable for the site configuration
       attr_accessor :enabled
-      #service type of header
+      # service type of header
       attr_reader :service
       # id of the header
       attr_reader :id
@@ -202,13 +200,13 @@ module Nexpose
       attr_reader :form
 
       def initialize(name, baseURL, loginURL, soft403Pattern, id = -1, enabled = true)
-        @name = name
-        @baseURL = baseURL
-        @loginURL = loginURL
+        @name           = name
+        @baseURL        = baseURL
+        @loginURL       = loginURL
         @soft403Pattern = soft403Pattern
-        @service = WebAppAuthType::HTML_FORM
-        @enabled = enabled
-        @id = id
+        @service        = WebAppAuthType::HTML_FORM
+        @enabled        = enabled
+        @id             = id
       end
 
       def add_html_form(html_form)
@@ -227,8 +225,7 @@ module Nexpose
           form: form.to_h,
           baseURL: baseURL,
           loginURL: loginURL,
-          soft403Pattern: soft403Pattern
-        }
+          soft403Pattern: soft403Pattern }
       end
 
       def ==(other)
@@ -247,6 +244,7 @@ module Nexpose
       end
 
     end
+
   end
-end
 
+end