nexpose 0.9.3 → 0.9.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3061d4a5d9569fa5aa6e9e71b59b8747688e3423
-  data.tar.gz: 0b79ee953da25edc842e37b8ac19b9ba9f4bbb7c
+  metadata.gz: 65b6a8c8e5b9a22b4554cad85898b6e54a4f9c87
+  data.tar.gz: 4f75da07def218ce18d31559225d7598ceb07828
 SHA512:
-  metadata.gz: 31e606472483067a65ef775690c7f3f92ef26f50c9ce18d4840565d7cc3c3031d6b713ba379112ebe1677ef0d1e54e79cc17e33b44cc227570a91ae45f1555ce
-  data.tar.gz: a71ed17da304eb8c08a9fd5f5e8fad4b7efc019d0f172a12b0b215b0d342da31eb5da70dad4245d57f13c405bda2a44a53835f677c005a2b18ae7dc65e619694
+  metadata.gz: 7dff42cc42cc00d08077832ecb896db3fa13b12ae97c2fe2e93b3165d8a0e5597c0ae56d4dd83a00b60dcd3a4083dfd04dc6f80eab9765437b6afc6df6d5e760
+  data.tar.gz: b6564635a8abf0ee9a3231809e938c2b9d189099ad96360a36b59ac690e7e171803caf819235a3b2d0a875fd40a2b520c59497fe3effb6d226f1f55330fea42b

data/CONTRIBUTING.md

@@ -0,0 +1,91 @@
+# Contributing to nexpose-client
+
+The users and maintainers of nexpose-client would greatly appreciate any contributions
+you can make to the project. These contributions typically come in the form of
+filed bugs/issues or pull requests (PRs). These contributions routinely result
+in new versions of the [nexpose-client
+gem](https://rubygems.org/gems/nexpose-client) and the
+[nexpose-client release](https://github.com/rapid7/nexpose-client/releases) to be released. The
+process for each is outlined below.
+
+## Contributing Issues / Bug Reports
+
+If you encounter any bugs or problems with nexpose-client, please file them
+[here](https://github.com/rapid7/nexpose-client/issues/new), providing as much detail as
+possible. If the bug is straight-forward enough and you understand the fix for
+the bug well enough, you may take the simpler, less-paperwork route and simply
+file a PR with the fix and the necessary details.
+
+## Contributing Code
+
+nexpose-client uses a model nearly identical to that of
+[Metasploit](https://github.com/rapid7/metasploit-framework) as outlined
+[here](https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment),
+at least from a ```git``` perspective. If you've been through that process
+(or, even better, you've been through it many times with many people), you can
+do exactly what you did for Metasploit but with nexpose-client and ignore the rest of
+this document.
+
+On the other hand, if you haven't, read on!
+
+### Fork and Clone
+
+Generally, this should only need to be done once, or if you need to start over.
+
+1. Fork nexpose-client: Visit https://github.com/rapid7/nexpose-client and click Fork,
+   selecting your github account if prompted
+2. Clone ```git@github.com:<your-github-username>/nexpose-client.git```, replacing
+```<your-github-username>``` with, you guessed it, your Github username.
+3. Add the master nexpose-client repository as your upstream:
+```
+git remote add upstream git://github.com/rapid7/nexpose-client.git
+git fetch --all
+```
+
+### Branch and Improve
+
+If you have a contribution to make, first create a branch to contain your
+work. The name is yours to choose, however generally it should roughly
+describe what you are doing. In this example, and from here on out, the
+branch will be wow, but you should change this.
+
+```
+git fetch --all
+git checkout master
+git rebase upstream/master
+git checkout -b wow
+```
+
+Now, make your changes, committing as necessary, using useful commit messages:
+
+```
+vim CONTRIBUTING.md
+git add CONTRIBUTING.md
+git commit -m "Adds a document on how to contribute to nexpose-client." -a
+```
+
+Please note that changes to [lib/nexpose/version.rb](https://github.com/rapid7/nexpose-client/blob/master/lib/nexpose/version.rb) in PRs are almost never necessary.
+
+Now push your changes to your fork:
+
+```
+git push origin wow
+```
+
+Finally, submit the PR. Navigate to ```https://github.com/<your-github-username>/nexpose-client/compare/wow```, fill in the details, and submit.
+
+## Releasing New Versions
+
+Typically this process is reserved for contributors with push permissions to
+nexpose-client:
+
+### Release New Gem
+
+1. Get an account on [Rubygems](https://rubygems.org)
+2. Contact one of the nexpose-client project contributors and have them add you to the nexpose-client gem
+3. Edit [lib/nexpose/version.rb](https://github.com/rapid7/nexpose-client/blob/master/lib/nexpose/version.rb) and increment ```VERSION```. Commit and push to origin/upstream master.
+4. Run ```rake release```
+
+### Github Release
+
+Some users may prefer to consume nexpose-client in a manner other than using git itself. For that reason, Github offers [Releases](https://github.com/blog/1547-release-your-software). Whenever a new version of the software is to be released, be kind and also create a new [Release](https://github.com/rapid7/nexpose-client/releases), using a versioning scheme identical to that used for the gem.

data/README.markdown

@@ -11,7 +11,7 @@ This gem is heavily used for internal, automated testing of the Nexpose product.
 
 ## Contributions
 
-We welcome contributions to this package.
+We welcome contributions to this package. Please see [CONTRIBUTING](CONTRIBUTING.md) for details.
 
 Our coding standards include:
 

data/lib/nexpose.rb

@@ -50,7 +50,6 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 require 'date'
 require 'time'
 require 'rexml/document'
-require 'nokogiri'
 require 'net/https'
 require 'net/http'
 require 'uri'
@@ -64,6 +63,7 @@ require 'nexpose/alert'
 require 'nexpose/ajax'
 require 'nexpose/api'
 require 'nexpose/api_request'
+require 'nexpose/asset'
 require 'nexpose/common'
 require 'nexpose/console'
 require 'nexpose/credential'
@@ -74,6 +74,7 @@ require 'nexpose/device'
 require 'nexpose/discovery'
 require 'nexpose/discovery/filter'
 require 'nexpose/engine'
+require 'nexpose/external'
 require 'nexpose/filter'
 require 'nexpose/global_settings'
 require 'nexpose/group'
@@ -94,6 +95,7 @@ require 'nexpose/tag/criteria'
 require 'nexpose/ticket'
 require 'nexpose/user'
 require 'nexpose/vuln'
+require 'nexpose/vuln_def'
 require 'nexpose/vuln_exception'
 require 'nexpose/connection'
 require 'nexpose/maint'

data/lib/nexpose/asset.rb

@@ -0,0 +1,276 @@
+module Nexpose
+  # Asset object as return from the 2.1 API.
+  #
+  class Asset < APIObject
+    # Unique identifier of the asset on the Nexpose console.
+    attr_reader :id
+    # Primary IP address of the asset.
+    attr_reader :ip
+    # MAC address of the asset.
+    attr_reader :mac
+    # Known host names found for the asset.
+    attr_reader :host_names
+    # Operating system name.
+    attr_reader :os_name
+    # The CPE for the asset's operating system.
+    attr_reader :os_cpe
+    # The host type of the asset. One of: GUEST, HYPERVISOR, PHYSICAL, MOBILE.
+    attr_reader :host_type
+
+    # Assessment summary of the asset, including most recent scan info. [Lazy]
+    attr_reader :assessment
+    # Service endpoints enumerated on the asset. [Lazy]
+    attr_reader :services
+    # Software enumerated on the asset. [Lazy]
+    attr_reader :software
+    # Vulnerabilities detected on the asset. [Lazy]
+    attr_reader :vulnerabilities
+    # Vulnerability instances detected on the asset. [Lazy]
+    attr_reader :vulnerability_instances
+    # Vulnerability exploits to which this asset is susceptible. [Lazy]
+    attr_reader :exploits
+    # Malware kits to which this asset is susceptible. [Lazy]
+    attr_reader :malware_kits
+
+    # User accounts enumerated on the asset. [Lazy]
+    attr_reader :user_accounts
+    # Group accounts enumerated on the asset. [Lazy]
+    attr_reader :group_accounts
+    # Files and directories that have been enumerated on the asset. [Lazy]
+    attr_reader :files
+
+    def initialize
+      @addresses = []
+      @host_names = []
+    end
+
+    # Load an asset from the provided console.
+    #
+    # @param [Connection] nsc Active connection to a Nexpose console.
+    # @param [String] id Unique identifier of an asset.
+    # @return [Asset] The requested asset, if found.
+    #
+    def self.load(nsc, id)
+      uri = "/api/2.1/assets/#{id}"
+      resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
+      hash = JSON.parse(resp, symbolize_names: true)
+      new.object_from_hash(nsc, hash)
+    end
+  end
+
+  # Software found on an asset.
+  #
+  class Software < APIObject
+    # The software product name.
+    attr_reader :product
+    # The version of software detected.
+    attr_reader :version
+    # Name of the vendor publishing the software.
+    attr_reader :vendor
+    # The family of software.
+    attr_reader :family
+    # Type of software.
+    attr_reader :type
+  end
+
+  # A service endpoint on an asset.
+  #
+  class Service < APIObject
+    # Name of the service. [Optional]
+    attr_reader :name
+    # Port on which the service is running.
+    attr_reader :port
+    # Protocol used to communicate to the port. @see Service::Protocol.
+    attr_reader :protocol
+
+    def initialize(port = 0, protocol = Protocol::RAW, name = nil)
+      @port, @protocol, @name = port, protocol, name
+    end
+
+    def to_h
+      { name: name,
+        port: port,
+        protocol: protocol }
+    end
+
+    def <=>(other)
+      c = port <=> other.port
+      return c unless c == 0
+      c = protocol <=> other.protocol
+      return c unless c == 0
+      name <=> other.name
+    end
+
+    def ==(other)
+      eql?(other)
+    end
+
+    def eql?(other)
+      port.eql?(other.port) && protocol.eql?(other.protocol) && name.eql?(other.name)
+    end
+
+    # Valid protocol values for a service endpoint.
+    module Protocol
+      # Internet Protocol
+      IP = 'IP'
+      # Internet Control Message Protocol
+      ICMP = 'ICMP'
+      # Internet Group Management Protocol
+      IGMP = 'IGMP'
+      # Gateway-to-Gateway Protocol
+      GGP = 'GGP'
+      # Transmission Control Protocol
+      TCP = 'TCP'
+      # PARC Universal Protocol
+      PUP = 'PUP'
+      # User Datagram Protocol
+      UDP = 'UDP'
+      # Internet Datagram Protocol
+      IDP = 'IDP'
+      # Encapsulating Security Payload
+      ESP = 'ESP'
+      # Network Disk Protocol
+      ND = 'ND'
+      # Raw Packet (or unknown)
+      RAW = 'RAW'
+    end
+  end
+
+  # User accounts on an asset.
+  #
+  class UserAccount < APIObject
+    # User account name.
+    attr_reader :name
+    # Unique identifier of the user as determined by the asset (not Nexpose).
+    attr_reader :id
+    # Full name of the user.
+    attr_reader :full_name
+    # Account attributes.
+    attr_reader :attributes
+
+    def initialize(name = nil, id = 0, full_name = nil, attributes = [])
+      @id, @name, @full_name, @attributes = id, name, full_name, attributes
+    end
+
+    def to_h
+      { name: name,
+        id: id,
+        full_name: full_name,
+        attributes: Attributes.to_hash(attributes) }
+    end
+
+    def <=>(other)
+      c = name <=> other.name
+      return c unless c == 0
+      c = id <=> other.id
+      return c unless c == 0
+      c = full_name <=> other.full_name
+      return c unless c == 0
+      attributes <=> other.attributes
+    end
+
+    def ==(other)
+      eql?(other)
+    end
+
+    def eql?(other)
+      name.eql?(other.name) && id.eql?(other.id) && full_name.eql?(other.full_name) && attributes.eql?(other.attributes)
+    end
+  end
+
+  # Group accounts on an asset.
+  #
+  class GroupAccount < APIObject
+    # Group account name.
+    attr_reader :name
+    # Unique identifier of the group as determined by the asset (not Nexpose).
+    attr_reader :id
+    # Group attributes.
+    attr_reader :attributes
+
+    def initialize(name = nil, id = 0, attributes = [])
+      @name = name
+      @id = id
+      @attributes = attributes
+    end
+
+    def to_h
+      { name: name,
+        id: id,
+        attributes: Attributes.to_hash(attributes) }
+    end
+
+    def <=>(other)
+      c = name <=> other.name
+      return c unless c == 0
+      c = id <=> other.id
+      return c unless c == 0
+      attributes <=> other.attributes
+    end
+
+    def ==(other)
+      eql?(other)
+    end
+
+    def eql?(other)
+      name.eql?(other.name) && id.eql?(other.id) && attributes.eql?(other.attributes)
+    end
+  end
+
+  # File or directory on an asset.
+  #
+  class File < APIObject
+    # Name of the file.
+    attr_reader :name
+    # Size of the file.
+    attr_reader :size
+    # File attributes.
+    attr_reader :attributes
+    # Whether the file is a directory.
+    attr_reader :directory
+
+    def initialize(name = nil, size = 0, directory = false, attributes = [])
+      @name, @size, @directory, @attributes = name, size, directory, attributes
+    end
+
+    def directory?
+      directory
+    end
+
+    def to_h
+      { name: name,
+        size: size,
+        directory: directory,
+        attributes: Attributes.to_hash(attributes) }
+    end
+
+    def <=>(other)
+      c = name <=> other.name
+      return c unless c == 0
+      c = size <=> other.size
+      return c unless c == 0
+      c = directory <=> other.directory
+      return c unless c == 0
+      attributes <=> other.attributes
+    end
+
+    def ==(other)
+      eql?(other)
+    end
+
+    def eql?(other)
+      name.eql?(other.name) && size.eql?(other.size) && directory.eql?(other.directory) && attributes.eql?(other.attributes)
+    end
+  end
+
+  # Assessment statistics for an asset.
+  #
+  class Assessment < APIObject
+    # The date an asset was last scanned.
+    attr_reader :last_scan_date
+    # The ID of the scan which last assessed the asset.
+    attr_reader :last_scan_id
+    # The current risk score of the asset.
+    attr_reader :risk_score
+  end
+end

data/lib/nexpose/common.rb

@@ -110,6 +110,18 @@ module Nexpose
     attr_accessor :incremental
     attr_accessor :repeater_type
 
+    # Extended attributes added with the new scheduler implementation
+    attr_accessor :is_extended
+    attr_accessor :hour
+    attr_accessor :minute
+    attr_accessor :date
+    attr_accessor :day
+    attr_accessor :occurrence
+    attr_accessor :start_month
+    attr_accessor :timezone
+    attr_accessor :next_run_time
+    attr_accessor :template
+
     def initialize(type, interval, start, enabled = true)
       @type = type
       @interval = interval
@@ -117,16 +129,33 @@ module Nexpose
       @enabled = enabled
     end
 
+    def self.from_hash(hash)
+      schedule = new(hash[:type], hash[:interval], hash[:start])
+      hash.each do |k, v|
+        schedule.instance_variable_set("@#{k}", v)
+      end
+      schedule
+    end
+
     def as_xml
       xml = REXML::Element.new('Schedule')
       xml.attributes['enabled'] = @enabled ? 1 : 0
       xml.attributes['type'] = @type
       xml.attributes['interval'] = @interval
-      xml.attributes['start'] = @start
+      xml.attributes['start'] = @start if @start
       xml.attributes['maxDuration'] = @max_duration if @max_duration
       xml.attributes['notValidAfter'] = @not_valid_after if @not_valid_after
       xml.attributes['incremental'] = @incremental ? 1 : 0 if @incremental
       xml.attributes['repeaterType'] = @repeater_type if @repeater_type
+      xml.attributes['is_extended'] = @is_extended if @is_extended
+      xml.attributes['hour'] = @hour if @hour
+      xml.attributes['minute'] = @minute if @minute
+      xml.attributes['date'] = @date if @date
+      xml.attributes['day'] = @day if @day
+      xml.attributes['occurrence'] = @occurrence if @occurrence
+      xml.attributes['start_month'] = @start_month if @start_month
+      xml.attributes['timezone'] = @timezone if @timezone
+      xml.attributes['template'] = @template if @template
       xml
     end
 
@@ -145,6 +174,16 @@ module Nexpose
       schedule.not_valid_after = xml.attributes['notValidAfter'] if xml.attributes['notValidAfter']
       schedule.incremental = (xml.attributes['incremental'] && xml.attributes['incremental'] == '1')
       schedule.repeater_type = xml.attributes['repeaterType'] if xml.attributes['repeaterType']
+      schedule.is_extended = xml.attributes['is_extended'] if xml.attributes['is_extended']
+      schedule.hour = xml.attributes['hour'] if xml.attributes['hour']
+      schedule.minute = xml.attributes['minute'] if xml.attributes['minute']
+      schedule.date = xml.attributes['date'] if xml.attributes['date']
+      schedule.day = xml.attributes['day'] if xml.attributes['day']
+      schedule.occurrence = xml.attributes['occurrence'] if xml.attributes['occurrence']
+      schedule.start_month = xml.attributes['start_month'] if xml.attributes['start_month']
+      schedule.timezone = xml.attributes['timezone'] if xml.attributes['timezone']
+      schedule.next_run_time = xml.attributes['next_run_time'] if xml.attributes['next_run_time']
+      schedule.template = xml.attributes['template'] if xml.attributes['template']
       schedule
     end
 

data/lib/nexpose/external.rb

@@ -0,0 +1,205 @@
+module Nexpose
+  class Connection
+    # Import external assets into a Nexpose console.
+    #
+    # This method will synchronously import a collection of assets into the
+    # console. Each call to this method will be treated as a single event.
+    #
+    # This method should only be used against "static" sites, i.e., those not
+    # tied to a dynamic population service like vSphere, AWS, etc.
+    #
+    # If a paused scan exists on the site at the time of import, the newly
+    # imported assets will not be included in the scan when it resumes.
+    #
+    # @param [Fixnum] site_id Existing site to import assets into.
+    # @param [Array[External::Asset]] assets External assets to import.
+    # @return [Array[ImportResult]] collection of import results.
+    #
+    def import_assets(site_id, assets)
+      json = JSON.generate(Array(assets).map(&:to_h))
+      import_assets_from_json(site_id, json)
+    end
+
+    # Import external assets into a Nexpose console.
+    #
+    # @param [Fixnum] site_id Existing site to import assets into.
+    # @param [String] json JSON representation of assets to import.
+    # @return [Array[ImportResult]] collection of import results.
+    #
+    def import_assets_from_json(site_id, json)
+      uri = "/api/2.1/sites/#{site_id}/assets"
+      # Wait up to 5 minutes for a response.
+      resp = AJAX.post(self, uri, json, AJAX::CONTENT_TYPE::JSON, 300)
+      arr = JSON.parse(resp, symbolize_names: true)
+      arr.map { |e| External::ImportResult.new.object_from_hash(self, e) }
+    end
+  end
+
+  # Namespace for functionality around importing external assets into Nexpose.
+  #
+  module External
+    # Object for importing assets from external sources into a Nexpose console.
+    # This exists primarily as a convenience for marshalling the data into the
+    # proper JSON format.
+    #
+    # In order to successfully import an asset, it must contain at least one
+    # scannable identifier: IP address, fully qualified domain name, or NetBIOS
+    # name. This ensures that once an asset is imported to the console, it can
+    # be scanned.
+    #
+    # Besides a scannable identifier, all other fields are optional.
+    #
+    class Asset
+      # IPv4 or IPv6 that is the primary identifier of the asset.
+      attr_accessor :ip
+      # A fully qualified domain name of the asset.
+      attr_accessor :fqdn
+      # A NetBIOS name of the asset.
+      attr_accessor :net_bios
+      # The MAC address of the asset.
+      attr_accessor :mac
+      # The host type of the asset. One of: GUEST, HYPERVISOR, PHYSICAL, MOBILE.
+      attr_accessor :host_type
+      # A list of alternate identifiers of the asset. This can include additional
+      # IP addresses and host names.
+      attr_accessor :aliases
+      # The date the asset was scanned. If left blank, the current time will be
+      # used by the console. Use the ISO 8601 basic date-time format.
+      # For example: 20141211T100614.526Z
+      attr_accessor :scan_date
+      # The CPE for the operating system on the asset.
+      attr_accessor :os
+      # A list of CPEs identifying software installed on the asset.
+      attr_accessor :software
+      # A list of service endpoints on the asset.
+      attr_accessor :services
+      # A list of user accounts on the asset.
+      attr_accessor :users
+      # A list of group accounts on the asset.
+      attr_accessor :groups
+      # Files and directories on the asset.
+      attr_accessor :files
+      # A list of key-value attributes associated with the asset.
+      attr_accessor :attributes
+      # Asset-level vulnerabilities.
+      attr_accessor :vulnerabilities
+
+      def initialize
+        @aliases = []
+        @software = []
+        @services = []
+        @attributes = []
+        @users = []
+        @groups = []
+        @files = []
+        @vulnerabilities = []
+      end
+
+      def to_json
+        JSON.generate(to_h)
+      end
+
+      def to_h
+        { ip: ip,
+          fqdn: fqdn,
+          net_bios: net_bios,
+          mac: mac,
+          host_type: host_type,
+          aliases: aliases,
+          scan_date: scan_date,
+          os: os,
+          software: software,
+          services: services.map(&:to_h),
+          users: users.map(&:to_h),
+          groups: groups.map(&:to_h),
+          files: files.map(&:to_h),
+          vulnerabilities: vulnerabilities.map(&:to_h),
+          attributes: Attributes.to_hash(attributes) }
+      end
+
+      # Valid host types for an asset.
+      module HostType
+        GUEST = 'GUEST'
+        HYPERVISOR = 'HYPERVISOR'
+        PHYSICAL = 'PHYSICAL'
+        MOBILE = 'MOBILE'
+      end
+    end
+
+    # A service endpoint on an asset.
+    #
+    class Service
+      # Name of the service. [Optional]
+      attr_accessor :name
+      # Port on which the service is running.
+      attr_accessor :port
+      # Protocol used to communicate to the port. @see Service::Protocol.
+      attr_accessor :protocol
+      # Vulnerabilities specific to this service endpoint.
+      attr_accessor :vulnerabilities
+
+      def initialize(port, protocol = Protocol::RAW, name = nil)
+        @port, @protocol, @name = port, protocol, name
+        @vulnerabilities = []
+      end
+
+      def to_h
+        { name: name,
+          port: port,
+          protocol: protocol,
+          vulnerabilities: vulnerabilities.map(&:to_h) }
+      end
+    end
+
+    # Vulnerability check object for importing vulnerabilities into Nexpose.
+    #
+    class VulnerabilityCheck
+      # Unique identifier of a vulnerability in Nexpose.
+      attr_accessor :vuln_id
+      # Status of the vulnerability. @see VulnerabilityCheck::Status
+      attr_accessor :status
+      # Unique identifier of a vulnerability instance, typically used for spider
+      # vulns or when multiple instances of a vuln exist on the same service.
+      attr_accessor :key
+      # Explanation of what proves that an asset or service is vulnerable.
+      attr_accessor :proof
+
+      def initialize(vuln_id, status = Status::EXPLOITED, proof = nil, key = nil)
+        @vuln_id, @status, @proof, @key = vuln_id, status, proof, key
+      end
+
+      def to_h
+        { vuln_id: vuln_id,
+          status: status,
+          key: key,
+          proof: proof }
+      end
+
+      # Valid vulnerability status for import into Nexpose.
+      module Status
+        # Vulnerability verified by exploit.
+        EXPLOITED = 'vulnerable-exploited'
+        # Vulnerable because the service or software version is associated with
+        # a known vulnerability.
+        VERSION = 'vulnerable-version'
+        # A potential vulnerability.
+        POTENTIAL = 'potential'
+      end
+    end
+
+    # Result object returned from an import_assets call, used to correlate the
+    # supplied scannable identifier with the resulting asset ID or any error
+    # messages from a problematic import.
+    #
+    class ImportResult < APIObject
+      # IP or hostname provided during import.
+      attr_reader :name
+      # Resulting asset ID of the created asset, if any.
+      attr_reader :asset_id
+      # The asset created by the import. [Lazy]
+      attr_reader :asset
+      # Any error messages associated with the import of the asset.
+      attr_reader :error_message
+    end
+  end
+end

data/lib/nexpose/shared_credential.rb

@@ -127,7 +127,7 @@ module Nexpose
       desc = xml.add_element('Description').add_text(@description)
 
       services = xml.add_element('Services')
-      service = services.add_element('Service').add_attribute('type', @type)
+      service = services.add_element('Service').add_attribute('type', @service)
 
       (account = xml.add_element('Account')).add_attribute('type', 'nexpose')
       account.add_element('Field', { 'name' => 'database' }).add_text(@database)

data/lib/nexpose/site.rb

@@ -257,9 +257,14 @@ module Nexpose
     # @param [Fixnum] id Site ID of an existing site.
     # @return [Site] Site configuration loaded from a Nexpose console.
     #
-    def self.load(connection, id)
-      r = APIRequest.execute(connection.url,
-                             %(<SiteConfigRequest session-id="#{connection.session_id}" site-id="#{id}"/>))
+    def self.load(connection, id, is_extended = false)
+      if is_extended
+        r = APIRequest.execute(connection.url,
+                               %(<SiteConfigRequest session-id="#{connection.session_id}" site-id="#{id}" is_extended="true"/>))
+      else
+        r = APIRequest.execute(connection.url,
+                               %(<SiteConfigRequest session-id="#{connection.session_id}" site-id="#{id}"/>))
+      end
       site = parse(r.res)
       site.load_dynamic_attributes(connection) if site.dynamic?
       site

data/lib/nexpose/version.rb

@@ -1,4 +1,4 @@
 module Nexpose
   # The latest version of the Nexpose gem
-  VERSION = '0.9.3'
+  VERSION = '0.9.4'
 end

data/lib/nexpose/vuln.rb

@@ -45,12 +45,11 @@ module Nexpose
     #
     # @return [Array[String]] Array of currently valid check types.
     #
-    def list_vuln_types
-      data = DataTable._get_dyn_table(self, '/ajax/vulnck_cat_synopsis.txml')
+    def vuln_types
+      data = DataTable._get_dyn_table(self, '/data/vulnerability/checktypes/dyntable.xml?tableID=VulnCheckCategorySynopsis')
       data.map { |c| c['Category'] }
     end
-
-    alias_method :vuln_types, :list_vuln_types
+    alias_method  :list_vuln_types, :vuln_types
 
     # Retrieve details for a vulnerability.
     #
@@ -92,7 +91,7 @@ module Nexpose
     #   Nexpose between the provided dates.
     #
     def find_vulns_by_date(from, to = nil)
-      uri = "/ajax/vuln_synopsis.txml?addedMin=#{from}"
+      uri = "/data/vulnerability/synopsis/dyntable.xml?addedMin=#{from}"
       uri += "&addedMax=#{to}" if to
       DataTable._get_dyn_table(self, uri).map { |v| VulnSynopsis.new(v) }
     end
@@ -285,4 +284,46 @@ module Nexpose
       @malware = hash['MalwareSource'] == 'true'
     end
   end
+
+  # A vulnerability discovered on an asset.
+  #
+  class Vulnerability < APIObject
+    # Unique identifier of the vulnerability.
+    attr_reader :id
+    # Vulnerability title.
+    attr_reader :title
+    # Full vulnerability definition. [Lazy]
+    attr_reader :vulnerability_definition
+  end
+
+  # An instance of a vulnerability discovered on an asset.
+  #
+  class VulnerabilityInstance < APIObject
+    # ID of the asset where the vulnerability instance was detected.
+    attr_reader :asset_id
+    # IP Address of the asset where the vulnerability instance was detected.
+    attr_reader :asset_ip_address
+    # ID of the scan where the vulnerability instance was detected.
+    attr_reader :scan_id
+    # The ID (natural key) of the vulnerability.
+    attr_reader :vulnerability_id
+    # The time at which the vulnerability test was performed.
+    attr_reader :date
+    # The vulnerable status of the vulnerability.
+    attr_reader :status
+    # The proof which explains why the vulnerability is present on the asset.
+    # The value is often HTML-formatted text.
+    attr_reader :proof
+    # Key that can distinguish the instances of the same type on the system.
+    # For spider vulnerabilities, this is typically the relative URI where the
+    # vuln was discovered.
+    attr_reader :key
+    # The service that the vulnerability test was performed against.
+    attr_reader :service
+    # The port on which the service was running if the vulnerability was found
+    # through a network service, -1 if not defined.
+    attr_reader :port
+    # Protocol the service was providing on which the vulnerability was found.
+    attr_reader :protocol
+  end
 end

data/lib/nexpose/vuln_def.rb

@@ -0,0 +1,174 @@
+module Nexpose
+  class Connection
+    # Retrieve all vulnerability definitions currently in a Nexpose console.
+    #
+    # Note, this can easily take 30 seconds to complete and will load over
+    # 55,000 vulnerability definitions.
+    #
+    # @return [Array[VulnerabilityDefinition]] Collection of vulnerability definitions.
+    #
+    def all_vulns
+      uri = '/api/2.0/vulnerability_definitions'
+      resp = AJAX.get(self, uri, AJAX::CONTENT_TYPE::JSON, per_page: 2_147_483_647)
+      json = JSON.parse(resp, symbolize_names: true)
+      json[:resources].map { |e| VulnerabilityDefinition.new.object_from_hash(self, e) }
+    end
+
+    # Search for any vulnerability definitions which refer to a given CVE.
+    #
+    # @param [String] cve A valid CVE.
+    # @return [Array[VulnerabilityDefinition]] A list of vuln definitions which check the CVE.
+    #
+    def find_vulns_by_cve(cve)
+      uri = '/api/2.0/vulnerability_definitions'
+      resp = AJAX.get(self, uri, AJAX::CONTENT_TYPE::JSON, cve: cve)
+      json = JSON.parse(resp, symbolize_names: true)
+      json[:resources].map { |e| VulnerabilityDefinition.new.object_from_hash(self, e) }
+    end
+
+    # Search for any vulnerability definitions which refer to a given reference
+    # ID.
+    #
+    # Examples:
+    #   find_vulns_by_ref('oval', 'OVAL10476')
+    #   find_vulns_by_ref('bid', 35067)
+    #   find_vulns_by_ref('secunia', 35188)
+    #
+    # @param [String] source External vulnerability reference source.
+    # @param [String] id Unique vulnerability reference ID.
+    # @return [Array[VulnerabilityDefinition]] A list of vuln definitions which
+    #   check the vulnerability.
+    #
+    def find_vulns_by_ref(source, id)
+      uri = '/api/2.0/vulnerability_definitions'
+      resp = AJAX.get(self,
+                      uri,
+                      AJAX::CONTENT_TYPE::JSON,
+                      source: source, id: id)
+      json = JSON.parse(resp, symbolize_names: true)
+      json[:resources].map { |e| VulnerabilityDefinition.new.object_from_hash(self, e) }
+    end
+
+    # Search for any vulnerability definitions which refer to a given title.
+    #
+    # Note: This method will return a maximum of 500 results. If the search
+    # yields a high number of results, consider add more specific words to
+    # the title.
+    #
+    # @param [String] title A (partial) title to search for.
+    # @param [Boolean] all_words Whether to include all words from the search
+    #   phrase in the search.
+    # @return [Array[VulnerabilityDefinition]] A list of vuln definitions with titles matching
+    #   the provided value.
+    #
+    def find_vulns_by_title(title, all_words = true)
+      uri = '/api/2.0/vulnerability_definitions'
+      params = { title: title, all_words: all_words }
+      resp = AJAX.get(self, uri, AJAX::CONTENT_TYPE::JSON, params)
+      json = JSON.parse(resp, symbolize_names: true)
+      json[:resources].map { |e| VulnerabilityDefinition.new.object_from_hash(self, e) }
+    end
+  end
+
+  # Vulnerability definition object. Represents a known vulnerability on a given
+  # Nexpose console.
+  #
+  class VulnerabilityDefinition < APIObject
+    # Unique identifier of a vulnerability definition.
+    attr_reader :id
+    # Vulnerability title.
+    attr_reader :title
+    # Vulnerability description, usually formated in HTML.
+    attr_reader :description
+    # The CVEs for the vulnerability.
+    attr_reader :cves
+    # Date the vulnerability was publicized by the third-party, vendor, or another
+    # authoring source.
+    attr_reader :date_published
+    # Date the vulnerability was first checked by Nexpose.
+    attr_reader :date_added
+    # Severity category. One of: Critical, Severe, Moderate.
+    attr_reader :severity
+    # Severity score, in the range of 0.0 to 10.0.
+    attr_reader :severity_score
+    # Risk score associated with vulnerability.
+    attr_reader :riskscore
+
+    # Whether the presence of the vulnerability can cause PCI failure.
+    # One of: Pass, Fail.
+    attr_reader :pci_status
+    # PCI severity score of the vulnerability, measured on a scale of 1 to 5.
+    attr_reader :pci_severity_score
+
+    # CVSS score of the vulnerability. Value between 0.0 and 10.0.
+    attr_reader :cvss_score
+    # Full CVSS vector in CVSS Version 2.0 notation.
+    attr_reader :cvss_vector
+    # Base score for the exploitability of a vulnerability that is used to compute
+    # the overall CVSS score.
+    attr_reader :cvss_exploit_score
+    # Base score for the impact of a vulnerability that is used to compute the
+    # overall CVSS score.
+    attr_reader :cvss_impact_score
+
+    # Whether the vulnerability is classified as a denial-of-service vuln.
+    attr_reader :denial_of_service
+
+    # Load a vulnerability definition from the provided console.
+    #
+    # @param [Connection] nsc Active connection to a Nexpose console.
+    # @param [String] id Unique identifier of a vulnerability definition.
+    # @return [VulnerabilityDefinition] The requested vulnerability definition, if found.
+    #
+    def self.load(nsc, id)
+      uri = "/api/2.0/vulnerability_definitions/#{id}"
+      resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
+      hash = JSON.parse(resp, symbolize_names: true)
+      new.object_from_hash(nsc, hash)
+    end
+  end
+
+  # Known malware kits that can target a vulnerability.
+  #
+  class MalwareKit < APIObject
+    # Internal Nexpose identifier of the malware kit.
+    attr_reader :id
+    # Malware kit name.
+    attr_reader :name
+    # Malware kit description, if available.
+    attr_reader :description
+    # Popularity of the malware kit, which identifies how common or accessible
+    # it is. Values include: rare, uncommon, common, popular, occasional.
+    attr_reader :popularity
+  end
+
+  # Known exploits of a vulnerability.
+  #
+  class Exploit < APIObject
+    # Internal Nexpose identifier of the exploit.
+    attr_reader :id
+    # Exploit title.
+    attr_reader :title
+    # A description of the exploit, if available.
+    attr_reader :description
+    # Skill level required to use the exploit. One of: Expert, Intermediate,
+    # Novice.
+    attr_reader :skill_level
+    # Source which defined and published the exploit, such as Metasploit or
+    # Exploit Database.
+    attr_reader :source
+    # Reference key used by the publishing source to identify the exploit.
+    attr_reader :source_key
+  end
+
+  # External vulnerability reference.
+  #
+  class Reference < APIObject
+    # Internal Nexpose identifier of the reference.
+    attr_reader :id
+    # Reference value, such as the full CVE identifier.
+    attr_reader :reference
+    # Reference source, such as CVE, MS, RedHat, etc.
+    attr_reader :source
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nexpose
 version: !ruby/object:Gem::Version
-  version: 0.9.3
+  version: 0.9.4
 platform: ruby
 authors:
 - HD Moore
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-01-05 00:00:00.000000000 Z
+date: 2015-01-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rex
@@ -59,6 +59,7 @@ extensions: []
 extra_rdoc_files:
 - README.markdown
 files:
+- CONTRIBUTING.md
 - COPYING
 - Gemfile
 - README.markdown
@@ -69,6 +70,7 @@ files:
 - lib/nexpose/alert.rb
 - lib/nexpose/api.rb
 - lib/nexpose/api_request.rb
+- lib/nexpose/asset.rb
 - lib/nexpose/common.rb
 - lib/nexpose/connection.rb
 - lib/nexpose/console.rb
@@ -80,6 +82,7 @@ files:
 - lib/nexpose/discovery/filter.rb
 - lib/nexpose/engine.rb
 - lib/nexpose/error.rb
+- lib/nexpose/external.rb
 - lib/nexpose/filter.rb
 - lib/nexpose/global_settings.rb
 - lib/nexpose/group.rb
@@ -104,6 +107,7 @@ files:
 - lib/nexpose/util.rb
 - lib/nexpose/version.rb
 - lib/nexpose/vuln.rb
+- lib/nexpose/vuln_def.rb
 - lib/nexpose/vuln_exception.rb
 - nexpose.gemspec
 homepage: https://github.com/rapid7/nexpose-client