nexpose 7.0.0 → 7.0.1

data/lib/nexpose/discovery/filter.rb

@@ -7,20 +7,20 @@ module Nexpose
       CLUSTER = 'CLUSTER'
 
       # Valid Operators: IS, IS_NOT
-      DATACENTER ='DATACENTER'
+      DATACENTER = 'DATACENTER'
 
       # Valid Operators: CONTAINS, NOT_CONTAINS
-      GUEST_OS_FAMILY = 'GUEST_OS_FAMILY'   #Also AWS Filter
+      GUEST_OS_FAMILY = 'GUEST_OS_FAMILY' # Also AWS Filter
 
       # Valid Operators: IN, NOT_IN
-      IP_ADDRESS_RANGE = 'IP_ADDRESS'   #Also AWS Filter
+      IP_ADDRESS_RANGE = 'IP_ADDRESS' # Also AWS Filter
 
       # Valid Operators: IN, NOT_IN
       # Valid Values (See Value::PowerState): ON, OFF, SUSPENDED
       POWER_STATE = 'POWER_STATE'
 
       # Valid Operators: CONTAINS, NOT_CONTAINS
-      RESOURCE_POOL_PATH ='RESOURCE_POOL_PATH'
+      RESOURCE_POOL_PATH = 'RESOURCE_POOL_PATH'
 
       # Valid Operators: IS, IS_NOT, CONTAINS, NOT_CONTAINS, STARTS_WITH
       VIRTUAL_MACHINE_NAME = 'VM'
@@ -45,7 +45,7 @@ module Nexpose
       INSTANCE_TYPE = 'INSTANCE_TYPE'
 
       # Valid Operators: IN, NOT_IN
-      REGION ='REGION'
+      REGION = 'REGION'
 
       ###### Mobile or Active sync Filters ######
       # Valid Operators: CONTAINS, NOT_CONTAINS
@@ -54,13 +54,12 @@ module Nexpose
       # Valid Operators: IS, IS_NOT, CONTAINS, NOT_CONTAINS, STARTS_WITH
       USER = 'DEVICE_USER_DISPLAY_NAME'
 
-
     end
 
     module Value
       module PowerState
-        ON = 'poweredOn'
-        OFF = 'poweredOff'
+        ON        = 'poweredOn'
+        OFF       = 'poweredOff'
         SUSPENDED = 'suspended'
       end
     end

data/lib/nexpose/engine.rb

@@ -10,8 +10,7 @@ module Nexpose
     # @return [Boolean] true if engine successfully deleted.
     #
     def delete_engine(engine_id, scope = 'silo')
-      xml = make_xml('EngineDeleteRequest',
-                     {'engine-id' => engine_id, 'scope' => scope})
+      xml = make_xml('EngineDeleteRequest', { 'engine-id' => engine_id, 'scope' => scope })
       response = execute(xml, '1.2')
       response.success
     end
@@ -27,9 +26,9 @@ module Nexpose
     # @return [Boolean] true if the connection is successfully reversed.
     #
     def reverse_engine_connection(engine_id)
-      uri = "/api/2.1/engine/#{engine_id}/reverseConnection"
+      uri      = "/api/2.1/engine/#{engine_id}/reverseConnection"
       response = AJAX.put(self, uri)
-      response.eql?("true")
+      response.eql?('true')
     end
 
     # Kicks off an update on a single engine.
@@ -54,8 +53,8 @@ module Nexpose
     #   each active scan on the engine.
     #
     def engine_activity(engine_id)
-      xml = make_xml('EngineActivityRequest', {'engine-id' => engine_id})
-      r = execute(xml)
+      xml = make_xml('EngineActivityRequest', { 'engine-id' => engine_id })
+      r   = execute(xml)
       arr = []
       if r.success
         r.res.elements.each('//ScanSummary') do |scan_event|
@@ -72,7 +71,7 @@ module Nexpose
     #
     def list_engines
       response = execute(make_xml('EngineListingRequest'))
-      arr = []
+      arr      = []
       if response.success
         response.res.elements.each('//EngineSummary') do |engine|
           arr << EngineSummary.new(engine.attributes['id'].to_i,
@@ -86,7 +85,7 @@ module Nexpose
       arr
     end
 
-    alias_method :engines, :list_engines
+    alias engines list_engines
   end
 
   # Object representing the current details of a scan engine attached to the
@@ -110,12 +109,12 @@ module Nexpose
     attr_reader :scope
 
     def initialize(id, name, address, port, status, scope = 'silo')
-      @id = id
-      @name = name
+      @id      = id
+      @name    = name
       @address = address
-      @port = port
-      @status = status
-      @scope = scope
+      @port    = port
+      @status  = status
+      @scope   = scope
     end
   end
 
@@ -143,13 +142,13 @@ module Nexpose
     attr_accessor :sites
 
     def initialize(address, name = nil, port = 40814)
-      @id = -1
+      @id      = -1
       @address = address
-      @name = name
-      @name ||= address
-      @port = port
-      @scope = 'silo'
-      @sites = []
+      @name    = name
+      @name  ||= address
+      @port    = port
+      @scope   = 'silo'
+      @sites   = []
     end
 
     def self.load(connection, id)
@@ -163,12 +162,14 @@ module Nexpose
           engine = Engine.new(config.attributes['address'],
                               config.attributes['name'],
                               config.attributes['port'])
-          engine.id = config.attributes['id']
-          engine.scope = config.attributes['scope'] if config.attributes['scope']
+          engine.id       = config.attributes['id']
+          engine.scope    = config.attributes['scope'] if config.attributes['scope']
           engine.priority = config.attributes['priority'] if config.attributes['priority']
+
           config.elements.each('Site') do |site|
             engine.sites << SiteSummary.new(site.attributes['id'], site.attributes['name'])
           end
+
           return engine
         end
       end

data/lib/nexpose/error.rb

@@ -1,12 +1,13 @@
 module Nexpose
+
   class APIError < ::RuntimeError
     attr_accessor :req, :reason
     attr_reader :code
 
     def initialize(req, reason = '', code = 400)
-      @req = req
+      @req    = req
       @reason = reason
-      @code = code
+      @code   = code
     end
 
     def to_s
@@ -16,15 +17,16 @@ module Nexpose
 
   class AuthenticationFailed < APIError
     def initialize(req)
-      @req = req
-      @reason = "Login Failed"
+      @req    = req
+      @reason = 'Login Failed'
     end
   end
 
   class PermissionError < APIError
     def initialize(req)
-      @req = req
+      @req    = req
       @reason = 'User does not have permission to perform this action.'
     end
   end
+
 end

data/lib/nexpose/external.rb

@@ -27,10 +27,10 @@ module Nexpose
     # @return [Array[ImportResult]] collection of import results.
     #
     def import_assets_from_json(site_id, json)
-      uri = "/api/2.1/sites/#{site_id}/assets"
+      uri  = "/api/2.1/sites/#{site_id}/assets"
       # Wait up to 5 minutes for a response.
       resp = AJAX.post(self, uri, json, AJAX::CONTENT_TYPE::JSON, 300)
-      arr = JSON.parse(resp, symbolize_names: true)
+      arr  = JSON.parse(resp, symbolize_names: true)
       arr.map { |e| External::ImportResult.new.object_from_hash(self, e) }
     end
   end
@@ -87,15 +87,15 @@ module Nexpose
       attr_accessor :vulnerabilities
 
       def initialize
-        @aliases = []
-        @software = []
-        @services = []
-        @attributes = []
-        @users = []
-        @groups = []
-        @files = []
+        @aliases            = []
+        @software           = []
+        @services           = []
+        @attributes         = []
+        @users              = []
+        @groups             = []
+        @files              = []
         @unique_identifiers = []
-        @vulnerabilities = []
+        @vulnerabilities    = []
       end
 
       def to_json
@@ -123,10 +123,10 @@ module Nexpose
 
       # Valid host types for an asset.
       module HostType
-        GUEST = 'GUEST'
+        GUEST      = 'GUEST'
         HYPERVISOR = 'HYPERVISOR'
-        PHYSICAL = 'PHYSICAL'
-        MOBILE = 'MOBILE'
+        PHYSICAL   = 'PHYSICAL'
+        MOBILE     = 'MOBILE'
       end
     end
 
@@ -143,7 +143,9 @@ module Nexpose
       attr_accessor :vulnerabilities
 
       def initialize(port, protocol = Protocol::RAW, name = nil)
-        @port, @protocol, @name = port, protocol, name
+        @port            = port
+        @protocol        = protocol
+        @name            = name
         @vulnerabilities = []
       end
 
@@ -169,7 +171,10 @@ module Nexpose
       attr_accessor :proof
 
       def initialize(vuln_id, status = Status::EXPLOITED, proof = nil, key = nil)
-        @vuln_id, @status, @proof, @key = vuln_id, status, proof, key
+        @vuln_id = vuln_id
+        @status  = status
+        @proof   = proof
+        @key     = key
       end
 
       def to_h
@@ -185,7 +190,7 @@ module Nexpose
         EXPLOITED = 'vulnerable-exploited'
         # Vulnerable because the service or software version is associated with
         # a known vulnerability.
-        VERSION = 'vulnerable-version'
+        VERSION   = 'vulnerable-version'
         # A potential vulnerability.
         POTENTIAL = 'potential'
       end

data/lib/nexpose/filter.rb

@@ -14,7 +14,7 @@ module Nexpose
     #
     def filter(field, operator, value = '')
       criterion = Criterion.new(field, operator, value)
-      criteria = Criteria.new(criterion)
+      criteria  = Criteria.new(criterion)
       search(criteria)
     end
 
@@ -34,9 +34,7 @@ module Nexpose
     # @return [Array[FilteredAsset]] List of matching assets.
     #
     def search(criteria)
-      results = DataTable._get_json_table(self,
-                                          '/data/asset/filterAssets',
-                                          criteria._to_payload)
+      results = DataTable._get_json_table(self, '/data/asset/filterAssets', criteria._to_payload)
       results.map { |a| FilteredAsset.new(a) }
     end
   end
@@ -173,32 +171,32 @@ module Nexpose
     # List of acceptable operators. Not all fields accept all operators.
     #
     module Operator
-      CONTAINS = 'CONTAINS'
-      NOT_CONTAINS = 'NOT_CONTAINS'
-      IS = 'IS'
-      IS_NOT = 'IS_NOT'
-      ARE = 'ARE'
-      IN = 'IN'
-      NOT_IN = 'NOT_IN'
-      IN_RANGE = 'IN_RANGE'
-      NOT_IN_RANGE = 'NOT_IN_RANGE'
-      STARTS_WITH = 'STARTS_WITH'
-      ENDS_WITH = 'ENDS_WITH'
-      ON_OR_BEFORE = 'ON_OR_BEFORE'
-      ON_OR_AFTER = 'ON_OR_AFTER'
-      BETWEEN = 'BETWEEN'
-      EARLIER_THAN = 'EARLIER_THAN'
+      ARE             = 'ARE'
+      BETWEEN         = 'BETWEEN'
+      CONTAINS        = 'CONTAINS'
+      DO_NOT_INCLUDE  = 'DO_NOT_INCLUDE'
+      EARLIER_THAN    = 'EARLIER_THAN'
+      ENDS_WITH       = 'ENDS_WITH'
+      GREATER_THAN    = 'GREATER_THAN'
+      IN              = 'IN'
+      INCLUDE         = 'INCLUDE'
+      IN_RANGE        = 'IN_RANGE'
+      IS              = 'IS'
+      IS_APPLIED      = 'IS_APPLIED'
+      IS_EMPTY        = 'IS_EMPTY'
+      IS_NOT          = 'IS_NOT'
+      IS_NOT_APPLIED  = 'IS_NOT_APPLIED'
+      IS_NOT_EMPTY    = 'IS_NOT_EMPTY'
+      LESS_THAN       = 'LESS_THAN'
+      LIKE            = 'LIKE'
+      NOT_CONTAINS    = 'NOT_CONTAINS'
+      NOT_IN          = 'NOT_IN'
+      NOT_IN_RANGE    = 'NOT_IN_RANGE'
+      NOT_LIKE        = 'NOT_LIKE'
+      ON_OR_AFTER     = 'ON_OR_AFTER'
+      ON_OR_BEFORE    = 'ON_OR_BEFORE'
+      STARTS_WITH     = 'STARTS_WITH'
       WITHIN_THE_LAST = 'WITHIN_THE_LAST'
-      GREATER_THAN = 'GREATER_THAN'
-      LESS_THAN = 'LESS_THAN'
-      IS_EMPTY = 'IS_EMPTY'
-      IS_NOT_EMPTY = 'IS_NOT_EMPTY'
-      INCLUDE = 'INCLUDE'
-      DO_NOT_INCLUDE = 'DO_NOT_INCLUDE'
-      IS_APPLIED = 'IS_APPLIED'
-      IS_NOT_APPLIED = 'IS_NOT_APPLIED'
-      LIKE = 'LIKE'
-      NOT_LIKE = 'NOT_LIKE'
     end
 
     # Specialized values used by certain search fields
@@ -206,36 +204,36 @@ module Nexpose
     module Value
       # Constants for filtering on access complexity.
       module AccessComplexity
-        LOW = 'L'
+        LOW    = 'L'
         MEDIUM = 'M'
-        HIGH = 'H'
+        HIGH   = 'H'
       end
 
       # Constants for filtering on access vector.
       module AccessVector
-        LOCAL = 'L'
+        LOCAL    = 'L'
         ADJACENT = 'A'
-        NETWORK = 'N'
+        NETWORK  = 'N'
       end
 
       # Constants for filtering on whether authentication is required.
       module AuthenticationRequired
-        NONE = 'N'
-        SINGLE = 'S'
+        NONE     = 'N'
+        SINGLE   = 'S'
         MULTIPLE = 'M'
       end
 
       # Constants for filtering on CVSS impact.
       module CVSSImpact
-        NONE = 'N'
-        PARTIAL = 'P'
+        NONE     = 'N'
+        PARTIAL  = 'P'
         COMPLETE = 'C'
       end
 
       # Constants for filtering on host type.
       module HostType
-        UNKNOWN = '0'
-        VIRTUAL = '1'
+        UNKNOWN    = '0'
+        VIRTUAL    = '1'
         HYPERVISOR = '2'
         BARE_METAL = '3'
       end
@@ -263,15 +261,15 @@ module Nexpose
       # Constants for filtering on vulnerability validations.
       module ValidatedVulnerability
         NOT_PRESENT = 1
-        PRESENT = 0
+        PRESENT     = 0
       end
 
       # Constants for filtering on vulnerability exposure.
       module VulnerabilityExposure
-        MALWARE = 'type:"malware_type", name:"malwarekit"'
+        MALWARE    = 'type:"malware_type", name:"malwarekit"'
         # TODO: A problem in Nexpose causes these values to not be constant.
         METASPLOIT = 'type:"exploit_source_type", name:"2"'
-        DATABASE = 'type:"exploit_source_type", name:"1"'
+        DATABASE   = 'type:"exploit_source_type", name:"1"'
       end
     end
   end
@@ -288,7 +286,8 @@ module Nexpose
     attr_accessor :value
 
     def initialize(field, operator, value = '')
-      @field, @operator = field.upcase, operator.upcase
+      @field    = field.upcase
+      @operator = operator.upcase
       if value.is_a? Array
         @value = value.map(&:to_s)
       else
@@ -384,17 +383,17 @@ module Nexpose
     attr_reader :last_scan
 
     def initialize(json)
-      @id = json['assetID']
-      @ip = json['assetIP']
-      @name = json['assetName']
-      @os = json['assetOSName']
+      @id            = json['assetID']
+      @ip            = json['assetIP']
+      @name          = json['assetName']
+      @os            = json['assetOSName']
       @exploit_count = json['exploitCount'].to_i
       @malware_count = json['malwareCount'].to_i
-      @vuln_count = json['vulnCount'].to_i
-      @risk_score = json['riskScore'].to_f
-      @site_ids = json['sitePermissions'].map { |site| site['siteID'] }
-      @site_id = @site_ids.first
-      @last_scan = Time.at(json['lastScanDate'].to_i / 1000)
+      @vuln_count    = json['vulnCount'].to_i
+      @risk_score    = json['riskScore'].to_f
+      @site_ids      = json['sitePermissions'].map { |site| site['siteID'] }
+      @site_id       = @site_ids.first
+      @last_scan     = Time.at(json['lastScanDate'].to_i / 1000)
     end
   end
 end

data/lib/nexpose/global_blackout.rb

@@ -18,8 +18,7 @@ module Nexpose
 
     def to_h
       {
-          blackouts:
-              (@blackout || []).map { |blackout| blackout.to_h }
+        blackouts: (@blackout || []).map(&:to_h)
       }
     end
 
@@ -32,11 +31,11 @@ module Nexpose
     end
 
     def self.load(nsc)
-      uri = '/api/2.1/silo_blackout/'
-      resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
-      hash = JSON.parse(resp, symbolize_names: true)
-      blackout = self.json_initializer(hash).deserialize(hash)
-      blackout.blackout = (hash[:blackouts] || []).map { |blackout| Nexpose::Blackout.from_hash(blackout) }
+      uri               = '/api/2.1/silo_blackout/'
+      resp              = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
+      hash              = JSON.parse(resp, symbolize_names: true)
+      blackout          = self.json_initializer(hash).deserialize(hash)
+      blackout.blackout = (hash[:blackouts] || []).map { |bout| Nexpose::Blackout.from_hash(bout) }
       blackout
     end
   end