nexpose 0.8.17 → 0.8.18

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2d53af256a38fa293d1ba3a20353ed46605b067c
-  data.tar.gz: e8564b802c313c0bfb983b714da40f4a9a18bdaa
+  metadata.gz: 24b07c5aa9671577da0a19a249babd2c0fce5ff6
+  data.tar.gz: 30f364953ab62ff807f82deffb848b2ceef80636
 SHA512:
-  metadata.gz: 8c820282edb3efbc36521c21edc6389a820fd91e035671cd2f2b6abff147d2757afb812065b86c54d8cadf1d384e18442602204eb057a32a0495454534b2776c
-  data.tar.gz: f283f2f236f7ebc5cd66c4c6f7c613a450ca365dce683c7bcb5097ec979ef995bf4ebe8ee356c34db5d2134cc8e872fdd564bc028c777b3ca586ce652bc26aa3
+  metadata.gz: fca1a54493ded6d695c2668c53c3ced413c7c82b181367bf3af666cf9cab10ad7209c1a7e6a67f059e6ba7b03f03ba5a783d9aa7ed0706754e7413e847e89d20
+  data.tar.gz: 9f30a2887a5b7f7064b1bf8c5dd7482e7762cb0b7b25e5d91a22dadab2e6577590bc374f76323372394bda48db48526a4663058ae7a356a8148bcec10f1e6764

data/lib/nexpose.rb

@@ -48,6 +48,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 #
 
 require 'date'
+require 'time'
 require 'rexml/document'
 require 'nokogiri'
 require 'net/https'
@@ -61,6 +62,7 @@ require 'nexpose/error'
 require 'nexpose/util'
 require 'nexpose/alert'
 require 'nexpose/ajax'
+require 'nexpose/api'
 require 'nexpose/api_request'
 require 'nexpose/common'
 require 'nexpose/console'

data/lib/nexpose/api.rb

@@ -0,0 +1,77 @@
+module Nexpose
+  # Base class for all API 2.0 objects which are derived from JSON
+  # representations.
+  #
+  # This class is not intended to be used by customers, but to extend
+  # functionality in the gem itself.
+  #
+  # To use this class, do the following:
+  # * Subclass APIObject
+  # * Do NOT provide a constructor method, or it must take no arguments.
+  # * Clearly document all attributes which the customer can expect to see.
+  # * Clearly document those attributes which are lazily loaded.
+  # * If applicable, implement a load method which calls new.object_from_hash
+  #
+  class APIObject
+    # Populate object methods and attributes from a JSON-derived hash.
+    #
+    # @param [Nexpose::Connection] nsc Active connection to a console.
+    # @param [Hash] hash Result of running JSON#parse with the
+    #   symbolize_names parameter to a 2.0 API response.
+    #   Pass hash[:resources] if the response is pageable.
+    #
+    def object_from_hash(nsc, hash)
+      hash.each do |k, v|
+        next if k == :url  # Do not store self-referential URL.
+        # Store resource URLs separately and create lazy accessors.
+        if v.is_a?(Hash) && v.key?(:url)
+          instance_variable_set("@#{k}_url", v[:url].gsub(/.*\/api/, '/api'))
+          self.class.send(:define_method, k, proc { |conn = nsc| load_resource(conn, k, instance_variable_get("@#{k}_url")) })
+        else
+          # Convert timestamps.
+          if v.is_a?(String) && v.match(/^\d{8}T\d{6}\.\d{3}/)
+            instance_variable_set("@#{k}", ISO8601.to_time(v))
+          else
+            instance_variable_set("@#{k}", v)
+          end
+          self.class.send(:define_method, k, proc { instance_variable_get("@#{k}") })
+        end
+      end
+      self
+    end
+
+    private
+
+    # Load a resource from the security console. Once loaded, the value is
+    # cached so that it need not be loaded again.
+    #
+    # @param [Connection] nsc Active connection to the console.
+    # @param [Symbol] k Original key name, used to identify the class to load.
+    # @param [String] url Truncated URL to use to retrieve the resource.
+    # @return [Array[?]] Collection of "k" marshalled object.
+    #
+    def load_resource(nsc, k, url)
+      obj = class_from_string(k)
+      resp = AJAX.get(nsc, url, AJAX::CONTENT_TYPE::JSON)
+      hash = JSON.parse(resp, symbolize_names: true)
+      resources = hash[:resources].map { |e| obj.method(:new).call.object_from_hash(nsc, e) }
+      instance_variable_set("@#{k}", resources)
+      self.class.send(:define_method, k, proc { instance_variable_get("@#{k}") })
+      resources
+    end
+
+    # Get the class referred to by a field name.
+    #
+    # For example, this method will translate a field name like "malware_kits"
+    # into to corresponding MalwareKit class.
+    #
+    # @param [String] field Snake-case name of a field.
+    # @return [Class] Class associated with the provided field.
+    #
+    def class_from_string(field)
+      str = field.to_s.split('_').map(&:capitalize!).join
+      str.chop! if str.end_with?('s')
+      Object.const_get('Nexpose').const_get(str)
+    end
+  end
+end

data/lib/nexpose/device.rb

@@ -65,14 +65,14 @@ module Nexpose
     # Get a list of all assets currently associated with a group.
     #
     # @param [Fixnum] dev_id Unique identifier of a device (asset).
-    # @return [Array[Asset]] List of group assets.
+    # @return [Array[FilteredAsset]] List of group assets.
     #
     def group_assets(group_id)
       payload = { 'sort' => 'assetName',
                   'table-id' => 'group-assets',
                   'groupID' => group_id }
       results = DataTable._get_json_table(self, '/data/asset/group', payload)
-      results.map { |a| Asset.new(a) }
+      results.map { |a| FilteredAsset.new(a) }
     end
 
     # List the vulnerability findings for a given device ID.

data/lib/nexpose/filter.rb

@@ -11,7 +11,7 @@ module Nexpose
     # @param [String] field Constant from Search::Field
     # @param [String] operator Constant from Search::Operator
     # @param [String] value Search term or constant from Search::Value
-    # @return [Array[Asset]] List of matching assets.
+    # @return [Array[FilteredAsset]] List of matching assets.
     #
     def filter(field, operator, value = '')
       criterion = Criterion.new(field, operator, value)
@@ -32,17 +32,17 @@ module Nexpose
     #   results = nsc.search(criteria)
     #
     # @param [Criteria] criteria Criteria search object.
-    # @return [Array[Asset]] List of matching assets.
+    # @return [Array[FilteredAsset]] List of matching assets.
     #
     def search(criteria)
       results = DataTable._get_json_table(self,
                                           '/data/asset/filterAssets',
                                           criteria._to_payload)
-      results.map { |a| Asset.new(a) }
+      results.map { |a| FilteredAsset.new(a) }
     end
   end
 
-  # Constans for performing Asset Filter searches and generating Dynamic Asset
+  # Constants for performing Asset Filter searches and generating Dynamic Asset
   # Groups.
   #
   module Search
@@ -349,7 +349,7 @@ module Nexpose
 
   # Asset data as returned by an Asset Filter search.
   #
-  class Asset
+  class FilteredAsset
 
     # Unique identifier of this asset. Also known as device ID.
     attr_reader :id

data/lib/nexpose/util.rb

@@ -104,7 +104,7 @@ module Nexpose
     # @return [Time] Time, if it can be converted.
     #
     def to_time(time_string)
-      Time.strptime(time_string.to_s, '%Y%m%dT%H%M%S.%LZ')
+      Time.strptime(time_string.to_s, '%Y%m%dT%H%M%S.%L%Z')
     end
 
     # Convert a time object into a UTC ISO 8601 basic date-time format.

data/lib/nexpose/version.rb

@@ -1,4 +1,4 @@
 module Nexpose
   # The latest version of the Nexpose gem
-  VERSION = '0.8.17'
+  VERSION = '0.8.18'
 end

data/lib/nexpose/vuln.rb

@@ -1,5 +1,4 @@
 module Nexpose
-
   class Connection
     include XMLUtils
 
@@ -18,9 +17,9 @@ module Nexpose
       if response.success
         response.res.elements.each('VulnerabilityListingResponse/VulnerabilitySummary') do |vuln|
           if full
-            vulns << VulnerabilitySummary.parse(vuln)
+            vulns << XML::VulnerabilitySummary.parse(vuln)
           else
-            vulns << Vulnerability.new(vuln.attributes['id'],
+            vulns << XML::Vulnerability.new(vuln.attributes['id'],
                                        vuln.attributes['title'],
                                        vuln.attributes['severity'].to_i)
           end
@@ -63,7 +62,7 @@ module Nexpose
       response = execute(xml, '1.2')
       if response.success
         response.res.elements.each('VulnerabilityDetailsResponse/Vulnerability') do |vuln|
-          return VulnerabilityDetail.parse(vuln)
+          return XML::VulnerabilityDetail.parse(vuln)
         end
       end
     end
@@ -79,7 +78,7 @@ module Nexpose
       uri = "/data/vulnerability/vulnerabilities/dyntable.xml?tableID=VulnCheckSynopsis&phrase=#{URI.encode(search_term)}&allWords=#{all_words}"
       data = DataTable._get_dyn_table(self, uri)
       data.map do |vuln|
-        VulnCheck.new(vuln)
+        XML::VulnCheck.new(vuln)
       end
     end
 
@@ -99,142 +98,130 @@ module Nexpose
     end
   end
 
-  # Basic vulnerability information. Only includes ID, title, and severity.
+  # Object definitions which are derived from XML values.
   #
-  class Vulnerability
-
-    # The unique ID string for this vulnerability
-    attr_reader :id
-
-    # The title of this vulnerability
-    attr_reader :title
-
-    # How critical the vulnerability is on a scale of 1 to 10.
-    attr_reader :severity
-
-    def initialize(id, title, severity)
-      @id, @title, @severity = id, title, severity.to_i
+  module XML
+    # Basic vulnerability information. Only includes ID, title, and severity.
+    #
+    class Vulnerability
+      # The unique ID string for this vulnerability
+      attr_reader :id
+      # The title of this vulnerability
+      attr_reader :title
+      # How critical the vulnerability is on a scale of 1 to 10.
+      attr_reader :severity
+
+      def initialize(id, title, severity)
+        @id, @title, @severity = id, title, severity.to_i
+      end
     end
-  end
-
-  # Vulnerability Check information.
-  #
-  class VulnCheck < Vulnerability
 
-    attr_reader :check_id
-    # @return [Array[String]] Categories that this check is a member of.
-    #   Note that this is note the same as the categories from #list_vuln_categories.
-    attr_reader :categories
-    # @return [String] Check type. @see #list_vuln_types
-    attr_reader :check_type
-
-    def initialize(json)
-      @id = json['Vuln ID']
-      @check_id = json['Vuln Check ID']
-      @title = json['Vulnerability']
-      @severity = json['Severity'].to_i
-      @check_type = json['Check Type']
-      @categories = json['Category'].split(/, */)
+    # Vulnerability Check information.
+    #
+    class VulnCheck < Vulnerability
+      attr_reader :check_id
+      # @return [Array[String]] Categories that this check is a member of.
+      #   Note that this is note the same as the categories from #list_vuln_categories.
+      attr_reader :categories
+      # @return [String] Check type. @see #list_vuln_types
+      attr_reader :check_type
+
+      def initialize(json)
+        @id = json['Vuln ID']
+        @check_id = json['Vuln Check ID']
+        @title = json['Vulnerability']
+        @severity = json['Severity'].to_i
+        @check_type = json['Check Type']
+        @categories = json['Category'].split(/, */)
+      end
     end
-  end
-
-  # Summary of a vulnerability.
-  #
-  class VulnerabilitySummary < Vulnerability
-
-    # PCI severity value for the vulnerability on a scale of 1 to 5.
-    attr_accessor :pci_severity
-
-    # Whether all checks for the vulnerability are safe.
-    # Unsafe checks may cause denial of service or otherwise disrupt system performance.
-    attr_accessor :safe
-
-    # A vulnerability is considered "credentialed" when all of its checks
-    # require credentials or if the check depends on previous authentication
-    # during a scan.
-    attr_accessor :credentials
-
-    # When this vulnerability was first included in the application.
-    attr_accessor :added
-
-    # The last date the vulnerability was modified.
-    attr_accessor :modified
-
-    # The date when the information about the vulnerability was first released.
-    attr_accessor :published
 
-    # How the vulnerability is exploited according to PCI standards.
-    attr_accessor :cvss_vector
-
-    # The computation of the Common Vulnerability Scoring System indicating
-    # compliance with PCI standards on a scale from 0 to 10.0.
-    attr_accessor :cvss_score
-
-    def self.parse_attributes(xml)
-      vuln = new(xml.attributes['id'],
-                 xml.attributes['title'],
-                 xml.attributes['severity'].to_i)
-
-      vuln.pci_severity = xml.attributes['pciSeverity'].to_i
-      vuln.safe = xml.attributes['safe'] == 'true'  # or xml.attributes['safe'] == '1'
-      vuln.added = Date.parse(xml.attributes['added'])
-      vuln.modified = Date.parse(xml.attributes['modified'])
-      vuln.credentials = xml.attributes['requiresCredentials'] == 'true'
-
-      # These three fields are optional in the XSD.
-      vuln.published = Date.parse(xml.attributes['published']) if xml.attributes['published']
-      vuln.cvss_vector = xml.attributes['cvssVector'] if xml.attributes['cvssVector']
-      vuln.cvss_score = xml.attributes['cvssScore'].to_f if xml.attributes['cvssScore']
-      vuln
-    end
+    # Summary of a vulnerability.
+    #
+    class VulnerabilitySummary < Vulnerability
+      # PCI severity value for the vulnerability on a scale of 1 to 5.
+      attr_accessor :pci_severity
+      # Whether all checks for the vulnerability are safe.
+      # Unsafe checks may cause denial of service or otherwise disrupt system performance.
+      attr_accessor :safe
+      # A vulnerability is considered "credentialed" when all of its checks
+      # require credentials or if the check depends on previous authentication
+      # during a scan.
+      attr_accessor :credentials
+      # When this vulnerability was first included in the application.
+      attr_accessor :added
+      # The last date the vulnerability was modified.
+      attr_accessor :modified
+      # The date when the information about the vulnerability was first released.
+      attr_accessor :published
+      # How the vulnerability is exploited according to PCI standards.
+      attr_accessor :cvss_vector
+      # The computation of the Common Vulnerability Scoring System indicating
+      # compliance with PCI standards on a scale from 0 to 10.0.
+      attr_accessor :cvss_score
+
+      def self.parse_attributes(xml)
+        vuln = new(xml.attributes['id'],
+                   xml.attributes['title'],
+                   xml.attributes['severity'].to_i)
+
+        vuln.pci_severity = xml.attributes['pciSeverity'].to_i
+        vuln.safe = xml.attributes['safe'] == 'true'  # or xml.attributes['safe'] == '1'
+        vuln.added = Date.parse(xml.attributes['added'])
+        vuln.modified = Date.parse(xml.attributes['modified'])
+        vuln.credentials = xml.attributes['requiresCredentials'] == 'true'
+
+        # These three fields are optional in the XSD.
+        vuln.published = Date.parse(xml.attributes['published']) if xml.attributes['published']
+        vuln.cvss_vector = xml.attributes['cvssVector'] if xml.attributes['cvssVector']
+        vuln.cvss_score = xml.attributes['cvssScore'].to_f if xml.attributes['cvssScore']
+        vuln
+      end
 
-    def self.parse(xml)
-      parse_attributes(xml)
+      def self.parse(xml)
+        parse_attributes(xml)
+      end
     end
-  end
-
-  # Details for a vulnerability.
-  #
-  class VulnerabilityDetail < VulnerabilitySummary
-
-    # The HTML Description of this vulnerability.
-    attr_accessor :description
-
-    # External References for this vulnerability.
-    # Array containing (Reference)
-    attr_accessor :references
 
-    # The HTML Solution for this vulnerability.
-    attr_accessor :solution
-
-    def initialize(id, title, severity)
-      @id, @title, @severity = id, title, severity
-      @references = []
-    end
+    # Details for a vulnerability.
+    #
+    class VulnerabilityDetail < VulnerabilitySummary
+      # The HTML Description of this vulnerability.
+      attr_accessor :description
+      # External References for this vulnerability.
+      # Array containing (Reference)
+      attr_accessor :references
+      # The HTML Solution for this vulnerability.
+      attr_accessor :solution
+
+      def initialize(id, title, severity)
+        @id, @title, @severity = id, title, severity
+        @references = []
+      end
 
-    def self.parse(xml)
-      vuln = parse_attributes(xml)
+      def self.parse(xml)
+        vuln = parse_attributes(xml)
 
-      vuln.description = REXML::XPath.first(xml, 'description').text
-      vuln.solution = REXML::XPath.first(xml, 'solution').text
+        vuln.description = REXML::XPath.first(xml, 'description').text
+        vuln.solution = REXML::XPath.first(xml, 'solution').text
 
-      xml.elements.each('references/reference') do |ref|
-        vuln.references << Reference.new(ref.attributes['source'], ref.text)
+        xml.elements.each('references/reference') do |ref|
+          vuln.references << Reference.new(ref.attributes['source'], ref.text)
+        end
+        vuln
       end
-      vuln
     end
-  end
 
-  # Reference information for a Vulnerability.
-  #
-  class Reference
-
-    attr_reader :source
-    attr_reader :reference
+    # Reference information for a Vulnerability.
+    #
+    class Reference
+      attr_reader :source
+      attr_reader :reference
 
-    def initialize(source, reference)
-      @source = source
-      @reference = reference
+      def initialize(source, reference)
+        @source = source
+        @reference = reference
+      end
     end
   end
 
@@ -243,7 +230,6 @@ module Nexpose
   # cross-referenced to the String ID to be used elsewhere.
   #
   class VulnFinding
-
     # Unique identifier of the vulnerability.
     attr_reader :id
     # Unique, console-specific identifier of the vulnerability.
@@ -286,7 +272,6 @@ module Nexpose
   # cross-referenced to the String ID to be used elsewhere.
   #
   class VulnSynopsis < VulnFinding
-
     def initialize(hash)
       @id = hash['Vuln ID'].to_i
       @title = hash['Vulnerability']

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nexpose
 version: !ruby/object:Gem::Version
-  version: 0.8.17
+  version: 0.8.18
 platform: ruby
 authors:
 - HD Moore
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-12-11 00:00:00.000000000 Z
+date: 2014-12-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rex
@@ -87,6 +87,7 @@ files:
 - lib/nexpose.rb
 - lib/nexpose/ajax.rb
 - lib/nexpose/alert.rb
+- lib/nexpose/api.rb
 - lib/nexpose/api_request.rb
 - lib/nexpose/common.rb
 - lib/nexpose/connection.rb