nexpose 0.8.0 → 0.8.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/nexpose/creds.rb +19 -0
- data/lib/nexpose/filter.rb +4 -0
- data/lib/nexpose/shared_cred.rb +20 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dad58d40aec93d09eac8e17c8a33d62681029ac8
|
|
4
|
+
data.tar.gz: a7c12f0b5569a78bdbec3913ffb1899e60a48cc6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8a52b22b5d5fb956240aede68ee4b5bdb65c8fb6dbae5aa566e4983d57bccdce41b7e27b56c36d6edaa6138f0befc6a9b4b6455f69e14be6d91b58f0665217a4
|
|
7
|
+
data.tar.gz: 984fb2416a427610052639cbe1f0590882a6abaef35bb6613b672a7a7b049ed33fe8826fec90cf515c1683040e26aefa2bece67a54ea211fc8275b7ce745453a
|
data/lib/nexpose/creds.rb
CHANGED
|
@@ -23,6 +23,7 @@ module Nexpose
|
|
|
23
23
|
'postgresql' => 5432,
|
|
24
24
|
'remote execution' => 512,
|
|
25
25
|
'snmp' => 161,
|
|
26
|
+
'snmpv3' => 161,
|
|
26
27
|
'ssh' => 22,
|
|
27
28
|
'ssh-key' => 22,
|
|
28
29
|
'telnet' => 23,
|
|
@@ -55,6 +56,12 @@ module Nexpose
|
|
|
55
56
|
attr_accessor :priv_username
|
|
56
57
|
# The password to use when escalating privileges (optional)
|
|
57
58
|
attr_accessor :priv_password
|
|
59
|
+
# The authentication type to use with SNMP v3 credentials
|
|
60
|
+
attr_accessor :auth_type
|
|
61
|
+
# The privacy/encryption type to use with SNMP v3 credentials
|
|
62
|
+
attr_accessor :privacy_type
|
|
63
|
+
# The privacy/encryption passphrase to use with SNMP v3 credentials
|
|
64
|
+
attr_accessor :privacy_password
|
|
58
65
|
|
|
59
66
|
def self.for_service(service, user, password, realm = nil, host = nil, port = nil)
|
|
60
67
|
cred = new
|
|
@@ -73,6 +80,12 @@ module Nexpose
|
|
|
73
80
|
@priv_username = username
|
|
74
81
|
@priv_password = password
|
|
75
82
|
end
|
|
83
|
+
|
|
84
|
+
def add_snmpv3_credentials(auth_type, privacy_type, privacy_password)
|
|
85
|
+
@auth_type = auth_type
|
|
86
|
+
@privacy_type = privacy_type
|
|
87
|
+
@privacy_password = privacy_password
|
|
88
|
+
end
|
|
76
89
|
|
|
77
90
|
def self.parse(xml)
|
|
78
91
|
cred = new
|
|
@@ -100,6 +113,10 @@ module Nexpose
|
|
|
100
113
|
attributes['privilegeelevationtype'] = @priv_type if @priv_type
|
|
101
114
|
attributes['privilegeelevationusername'] = @priv_username if @priv_username
|
|
102
115
|
attributes['privilegeelevationpassword'] = @priv_password if @priv_password
|
|
116
|
+
|
|
117
|
+
attributes['snmpv3authtype'] = @auth_type if @auth_type
|
|
118
|
+
attributes['snmpv3privtype'] = @privacy_type if @privacy_type
|
|
119
|
+
attributes['snmpv3privpassword'] = @privacy_password if @privacy_password
|
|
103
120
|
|
|
104
121
|
xml = make_xml('adminCredentials', attributes, blob)
|
|
105
122
|
xml.add_element(@headers.to_xml_elem) if @headers
|
|
@@ -154,6 +171,8 @@ module Nexpose
|
|
|
154
171
|
REMOTE_EXECUTION = 'remote execution'
|
|
155
172
|
# Simple Network Management Protocol
|
|
156
173
|
SNMP = 'snmp'
|
|
174
|
+
# Simple Network Management Protocol v3
|
|
175
|
+
SNMPV3 = 'snmpv3'
|
|
157
176
|
# Secure Shell (SSH)
|
|
158
177
|
SSH = 'ssh'
|
|
159
178
|
# Secure Shell (SSH) Public Key
|
data/lib/nexpose/filter.rb
CHANGED
data/lib/nexpose/shared_cred.rb
CHANGED
|
@@ -50,6 +50,8 @@ module Nexpose
|
|
|
50
50
|
cred.privilege_username = json['privilegeElevationUsername']
|
|
51
51
|
cred.all_sites = json['scope'] == 'ALL_SITES_ENABLED_DEFAULT'
|
|
52
52
|
cred.last_modified = Time.at(json['lastModified']['time'] / 1000)
|
|
53
|
+
cred.auth_type = json['snmpv3authtype']
|
|
54
|
+
cred.privacy_type = json['snmpv3privtype']
|
|
53
55
|
cred
|
|
54
56
|
end
|
|
55
57
|
|
|
@@ -79,6 +81,12 @@ module Nexpose
|
|
|
79
81
|
attr_accessor :privilege_password
|
|
80
82
|
# Permission elevation type. See Nexpose::Credential::ElevationType.
|
|
81
83
|
attr_accessor :privilege_type
|
|
84
|
+
# Authentication type of SNMP v3 credential
|
|
85
|
+
attr_accessor :auth_type
|
|
86
|
+
# Privacy type of SNMP v3 credential
|
|
87
|
+
attr_accessor :privacy_type
|
|
88
|
+
# Privacty password of SNMP v3 credential
|
|
89
|
+
attr_accessor :privacy_password
|
|
82
90
|
|
|
83
91
|
# IP address or host name to restrict this credential to.
|
|
84
92
|
attr_accessor :host
|
|
@@ -133,6 +141,9 @@ module Nexpose
|
|
|
133
141
|
account.add_element('Field', { 'name' => 'privilegeelevationusername' }).add_text(@privilege_username)
|
|
134
142
|
account.add_element('Field', { 'name' => 'privilegeelevationpassword' }).add_text(@privilege_password) if @privilege_password
|
|
135
143
|
account.add_element('Field', { 'name' => 'privilegeelevationtype' }).add_text(@privilege_type) if @privilege_type
|
|
144
|
+
account.add_element('Field', { 'name' => 'snmpv3authtype' }).add_text(@auth_type) if @auth_type
|
|
145
|
+
account.add_element('Field', { 'name' => 'snmpv3privtype' }).add_text(@privacy_type) if @privacy_type
|
|
146
|
+
account.add_element('Field', { 'name' => 'snmpv3privpassword' }).add_text(@privacy_password) if @privacy_password
|
|
136
147
|
|
|
137
148
|
restrictions = xml.add_element('Restrictions')
|
|
138
149
|
restrictions.add_element('Restriction', { 'type' => 'host' }).add_text(@host) if @host
|
|
@@ -197,6 +208,9 @@ module Nexpose
|
|
|
197
208
|
sc_creds_privilegeelevationusername: @privilege_username,
|
|
198
209
|
sc_creds_privilegeelevationpassword: @privilege_password,
|
|
199
210
|
sc_creds_privilegeelevationtype: @privilege_type,
|
|
211
|
+
sc_creds_snmpv3authtype: @auth_type,
|
|
212
|
+
sc_creds_snmpv3privtype: @privacy_type,
|
|
213
|
+
sc_creds_snmpv3privpassword: @privacy_password,
|
|
200
214
|
siteid: -1 }
|
|
201
215
|
end
|
|
202
216
|
|
|
@@ -228,6 +242,12 @@ module Nexpose
|
|
|
228
242
|
cred.privilege_password = field.text
|
|
229
243
|
when 'privilegeelevationtype'
|
|
230
244
|
cred.privilege_type = field.text
|
|
245
|
+
when 'snmpv3authtype'
|
|
246
|
+
cred.auth_type = field.text
|
|
247
|
+
when 'snmpv3privtype'
|
|
248
|
+
cred.privacy_type = field.text
|
|
249
|
+
when 'snmpv3privpassword'
|
|
250
|
+
cred.privacy_password = field.text
|
|
231
251
|
end
|
|
232
252
|
end
|
|
233
253
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nexpose
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.8.
|
|
4
|
+
version: 0.8.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- HD Moore
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2014-
|
|
13
|
+
date: 2014-07-03 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: librex
|