RubyGems - nexpose - Versions diffs - 0.7.6 → 0.8.0 - Mend

nexpose 0.7.6 → 0.8.0

Files changed (9) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4489a1cf24aae595c8e33906c072e337e2e3fe3b
-  data.tar.gz: 43bd09c01a8f777a1da5545f92c5e41da3f6e99e
+  metadata.gz: d3309a3a245d4659e9a7505b030c6b43feb428fc
+  data.tar.gz: 43f7292888199a7d69f8fb83e9a544bafe0e7ad0
 SHA512:
-  metadata.gz: 5bcef060fd7b3b78d811863560bb5bcb3437a75f3b7a2368e0182abc31b2c1ddbb15962e1d55c2fc712d6ce7b4764178d97550328ca6c11ad769567caa7ac41b
-  data.tar.gz: 4ef93a44863abf77d5c51cee2899e0a420b83b633a7f8c7add3d8e76bdadf3363a10908bab6995f343600f37101cef06249f3f5c5421ead06095b8c833c56b25
+  metadata.gz: 5ccba03b85ee4fabdb70d35566aa2c68d818bdb0c54c136c733367c38ee91e347b5010d90790e7cfa5962deee7da10c1bb43ff60e12e36c079b168b79097057c
+  data.tar.gz: 59f1076100d1c251bd497b51ec4eb8b967ea5263f827a04dc4f205127769ef660756975aa0b953c486a3ebd48b9e335c9405c9ce0d8841b838402f873a5e15b7

data/lib/nexpose.rb CHANGED Viewed

@@ -49,6 +49,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 require 'date'
 require 'rexml/document'
+require 'nokogiri'
 require 'net/https'
 require 'net/http'
 require 'uri'

data/lib/nexpose/ajax.rb CHANGED Viewed

@@ -112,7 +112,11 @@ module Nexpose
     # @return [Hash] The parameterized URI.
     def parameterize_uri(uri, parameters)
-      uri = uri.concat(('?').concat(parameters.map { |k, v| "#{k}=#{CGI.escape(v.to_s)}" }.join('&'))) unless Hash(parameters).empty?
+      params = Hash.try_convert(parameters)
+      unless params.nil? || params.empty?
+        uri = uri.concat(('?').concat(parameters.map { |k, v| "#{k}=#{CGI.escape(v.to_s)}" }.join('&')))
+      end
+      uri
     end
     ###

data/lib/nexpose/filter.rb CHANGED Viewed

@@ -362,7 +362,7 @@ module Nexpose
       @vuln_count = json['vulnCount'].to_i
       @risk_score = json['riskScore'].to_f
       @site_id = json['siteID']
-      @last_scan = Time.at(json['lastScanDate'] / 1000)
+      @last_scan = Time.at(json['lastScanDate'].to_i / 1000)
     end
   end
 end

data/lib/nexpose/report.rb CHANGED Viewed

@@ -223,6 +223,7 @@ module Nexpose
     end
     include XMLUtils
+    include HTMLUtils
     # Generate a report once using a simple configuration.
     #
@@ -252,8 +253,10 @@ module Nexpose
           doc.parts.each do |part|
             if /.*base64.*/ =~ part.header.to_s
               if @format =~ /(?:ht|x)ml/
-                if part.header.to_s =~ %r(text/(?:ht|x)ml)
+                if part.header.to_s =~ %r(text/xml)
                   return parse_xml(part.content.unpack('m*')[0]).to_s
+                elsif part.header.to_s =~ %r(text/html)
+                  return parse_html(part.content.unpack('m*')[0]).to_s
                 end
               else # text|pdf|csv|rtf
                 return part.content.unpack('m*')[0]

data/lib/nexpose/role.rb CHANGED Viewed

@@ -23,6 +23,7 @@ module Nexpose
       ADD_USERS_TO_GROUP = 'AddUsersToGroup'
       ADD_USERS_TO_REPORT = 'AddUsersToReport'
       MANAGE_POLICIES = 'ManagePolicies'
+      MANAGE_TAGS = 'ManageTags'
     end
     module Site

data/lib/nexpose/util.rb CHANGED Viewed

@@ -6,6 +6,12 @@ module Nexpose
     end
   end
+  module HTMLUtils
+    def parse_html(html)
+      Nokogiri::HTML(html, nil, 'UTF-8')
+    end
+  end
   module XMLUtils
     def parse_xml(xml)

data/lib/nexpose/vuln.rb CHANGED Viewed

@@ -76,9 +76,7 @@ module Nexpose
     # @return [Array[VulnCheck]] List of matching Vulnerability Checks.
     #
     def find_vuln_check(search_term, partial_words = true, all_words = true)
-      uri = "/ajax/vulnck_synopsis.txml?phrase=#{URI.encode(search_term)}"
-      uri += '&wholeWords=1' unless partial_words
-      uri += '&allWords=1' if all_words
+      uri = "/data/vulnerability/vulnerabilities/dyntable.xml?tableID=VulnCheckSynopsis&phrase=#{URI.encode(search_term)}&allWords=#{all_words}"
       data = DataTable._get_dyn_table(self, uri)
       data.map do |vuln|
         VulnCheck.new(vuln)

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nexpose
 version: !ruby/object:Gem::Version
-  version: 0.7.6
+  version: 0.8.0
 platform: ruby
 authors:
 - HD Moore
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-06-11 00:00:00.000000000 Z
+date: 2014-06-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: librex
@@ -52,6 +52,26 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.0.2
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.6.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.6.2
 description: This gem provides a Ruby API to the Nexpose vulnerability management
   product by Rapid7.
 email: