nexpose 7.0.1 → 7.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 89a7f9d4854b3ac3826f56995370a1d38d0514be
-  data.tar.gz: 4b5a6783ca354eae0b694f970963c5eb44cf3de3
+  metadata.gz: 59f070e8c264d2a89412a6fc5ab76fc6c381aced
+  data.tar.gz: a18e65e39dc9af8eeed11bf9dc9def359530041d
 SHA512:
-  metadata.gz: 2faafc134faf7d0cd56ddf94a1119f6093e078c46164066f54ebafe1f13763be044c2c09930bc8adb7ebb93073c32c928fe09fc9c47042939960f8766675bda7
-  data.tar.gz: 30683f228a157c4c5c34ea74c78b991e69cc6d0ef6749299083c9e2b4e2b92df8dbfb3d8dcc535d31d41a9403ae2b31556009697adaa2378201642a2bddc53f6
+  metadata.gz: cce4d28b939fd0802867eba5cd7658a71ef9e324223435c589ae95ca8e8ff43cd64bfce4289e43204dc2d43d529215492a751710e17d835914731fb0ca2f661c
+  data.tar.gz: 2e93edccb2e6161c2bd314602bfe3217bc0c613db80d734342f4613ad54bec9c4a4afb63130d47b912f2073ca84cdf03b3b97fa525ae2a2d64ade58df02ee65e

data/CHANGELOG.md

@@ -1,5 +1,35 @@
 # Change Log
 
+## [Unreleased](https://github.com/rapid7/nexpose-client/tree/HEAD)
+
+[Full Changelog](https://github.com/rapid7/nexpose-client/compare/v7.0.1...HEAD)
+
+**Fixed bugs:**
+
+- nsc.list\_vuln\_exceptions does not return site\_id as documented [\#250](https://github.com/rapid7/nexpose-client/issues/250)
+
+**Closed issues:**
+
+- support for encryption for recovery [\#290](https://github.com/rapid7/nexpose-client/issues/290)
+- Connection Timeout When Creating DynamicAssetGroup with large number of criteria [\#274](https://github.com/rapid7/nexpose-client/issues/274)
+- Vulnerability Exception 'approve' function applies vulnerability exception but throws a ruby exception [\#271](https://github.com/rapid7/nexpose-client/issues/271)
+- Add a global timeout parameter to Connection [\#269](https://github.com/rapid7/nexpose-client/issues/269)
+- Update Example Scripts [\#244](https://github.com/rapid7/nexpose-client/issues/244)
+
+**Merged pull requests:**
+
+- adding the ability to include a password when restoring a backup [\#298](https://github.com/rapid7/nexpose-client/pull/298) ([sgreen-r7](https://github.com/sgreen-r7))
+- Allow for Starting Scan during Blackout [\#297](https://github.com/rapid7/nexpose-client/pull/297) ([sgreen-r7](https://github.com/sgreen-r7))
+
+## [v7.0.1](https://github.com/rapid7/nexpose-client/tree/v7.0.1) (2017-09-11)
+[Full Changelog](https://github.com/rapid7/nexpose-client/compare/v7.0.0...v7.0.1)
+
+**Merged pull requests:**
+
+- Only Cleanup!! v3 [\#295](https://github.com/rapid7/nexpose-client/pull/295) ([sgreen-r7](https://github.com/sgreen-r7))
+- Revert "Only Cleanup!" [\#293](https://github.com/rapid7/nexpose-client/pull/293) ([sgreen-r7](https://github.com/sgreen-r7))
+- Only Cleanup! [\#292](https://github.com/rapid7/nexpose-client/pull/292) ([sgreen-r7](https://github.com/sgreen-r7))
+
 ## [v7.0.0](https://github.com/rapid7/nexpose-client/tree/v7.0.0) (2017-08-31)
 [Full Changelog](https://github.com/rapid7/nexpose-client/compare/v6.1.1...v7.0.0)
 

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    nexpose (7.0.1)
+    nexpose (7.1.0)
 
 GEM
   remote: https://rubygems.org/

data/README.markdown

@@ -15,6 +15,8 @@ Since version 1.0 nexpose-client uses [Semantic Versioning](http://semver.org/).
 
 Release notes are available on the [Releases](https://github.com/rapid7/nexpose-client/releases) page.
 
+The full Changelog is available as well, on the [Changelog](https://github.com/rapid7/nexpose-client/blob/master/CHANGELOG.md) page.
+
 ## Contributions
 
 We welcome contributions to this package. Please see [CONTRIBUTING](.github/CONTRIBUTING.md) for details.

data/lib/nexpose/maint.rb

@@ -96,12 +96,15 @@ module Nexpose
     # It will restart the console after acknowledging receiving the request.
     #
     # @param [Connection] nsc An active connection to a Nexpose console.
+    # @param [String] (Optional) The password to use when restoring the backup.
     # @return [Boolean] Whether the request was received.
     #
-    def restore(nsc)
+    def restore(nsc, password = nil)
+      raise 'Supplied Password is incorrect for restoring this Backup.' if invalid_backup_password?(nsc, password)
       parameters = { 'backupid' => @name,
                      'cmd' => 'restore',
-                     'targetTask' => 'backupRestore' }
+                     'targetTask' => 'backupRestore',
+                     'password' => password }
       xml = AJAX.form_post(nsc, '/admin/global/maintenance/maintCmd.txml', parameters)
       if !!(xml =~ /succeded="true"/)
         nsc._maintenance_restart
@@ -129,5 +132,23 @@ module Nexpose
           hash['Platform-Independent'],
           hash['Size'])
     end
+
+    private
+
+    def invalid_backup_password?(nsc, password)
+      !correct_backup_password?(nsc, password) if backup_need_password?(nsc)
+    end
+
+    def backup_need_password?(nsc)
+      resp = Nexpose::AJAX.get(nsc, '/data/admin/backups/password', Nexpose::AJAX::CONTENT_TYPE::JSON, 'backupID' => name)
+      resp == 'true'
+    end
+
+    def correct_backup_password?(nsc, password)
+      raise 'This Backup file requires a Password. Please include a password during the restore command.' if password.nil?
+      resp = Nexpose::AJAX.post(nsc, "/data/admin/backups/password?backupID=#{name}&password=#{password}", nil, Nexpose::AJAX::CONTENT_TYPE::JSON)
+      resp == 'true'
+    end
+
   end
 end

data/lib/nexpose/scan.rb

@@ -196,10 +196,12 @@ module Nexpose
     # Initiate a site scan.
     #
     # @param [Fixnum] site_id Site ID to scan.
+    # @param [Boolean] blackout_override Optional. Given suffencent permissions, force bypass blackout and start scan.
     # @return [Scan] Scan launch information.
     #
-    def scan_site(site_id)
-      xml      = make_xml('SiteScanRequest', 'site-id' => site_id)
+    def scan_site(site_id, blackout_override = false)
+      xml = make_xml('SiteScanRequest', 'site-id' => site_id)
+      xml.add_attributes({ 'force' => true }) if blackout_override
       response = execute(xml)
       Scan.parse(response.res) if response.success
     end

data/lib/nexpose/site.rb

@@ -540,14 +540,16 @@ module Nexpose
     #
     # @param [Connection] connection Connection to console where scan will be launched.
     # @param [String] sync_id Optional synchronization token.
+    # @param [Boolean] blackout_override Optional. Given suffencent permissions, force bypass blackout and start scan.
     # @return [Scan] Scan launch information.
     #
-    def scan(connection, sync_id = nil)
+    def scan(connection, sync_id = nil, blackout_override = false)
       xml = REXML::Element.new('SiteScanRequest')
       xml.add_attributes({ 'session-id' => connection.session_id,
                            'site-id' => @id,
                            'sync-id' => sync_id })
 
+      xml.add_attributes({ 'force' => true }) if blackout_override
       response = connection.execute(xml, '1.1', timeout: 60)
       Scan.parse(response.res) if response.success
     end

data/lib/nexpose/version.rb

@@ -1,4 +1,4 @@
 module Nexpose
   # The latest version of the Nexpose gem
-  VERSION = '7.0.1'.freeze
+  VERSION = '7.1.0'.freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nexpose
 version: !ruby/object:Gem::Version
-  version: 7.0.1
+  version: 7.1.0
 platform: ruby
 authors:
 - HD Moore
@@ -13,7 +13,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-09-11 00:00:00.000000000 Z
+date: 2017-09-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler