RubyGems - nexpose - Versions diffs - 0.9.8 → 1.0.0 - Mend

nexpose 0.9.8 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

checksums.yaml +4 -4
data/Gemfile.lock +1 -1
data/lib/nexpose.rb +8 -4
data/lib/nexpose/ajax.rb +29 -4
data/lib/nexpose/alert.rb +160 -177
data/lib/nexpose/api.rb +18 -0
data/lib/nexpose/common.rb +144 -10
data/lib/nexpose/credential.rb +185 -1
data/lib/nexpose/discovery.rb +141 -16
data/lib/nexpose/discovery/filter.rb +26 -3
data/lib/nexpose/engine.rb +16 -0
data/lib/nexpose/json_serializer.rb +92 -0
data/lib/nexpose/scan.rb +131 -23
data/lib/nexpose/scan_template.rb +1 -1
data/lib/nexpose/shared_secret.rb +31 -0
data/lib/nexpose/site.rb +339 -317
data/lib/nexpose/site_credentials.rb +178 -0
data/lib/nexpose/tag.rb +42 -1
data/lib/nexpose/util.rb +11 -16
data/lib/nexpose/version.rb +1 -1
data/lib/nexpose/wait.rb +103 -0
data/lib/nexpose/web_credentials.rb +252 -0
metadata +18 -8
data/lib/nexpose/site_credential.rb +0 -323

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6c5d157c20856a164ee2982bbf4d66895bbf2338
-  data.tar.gz: 8ec9a5560d29c9e19449b19e2a93a307877d5fcd
+  metadata.gz: 0443897c1940a9c3099ecc230589e7925fca9697
+  data.tar.gz: e31a6036c4170c0fa796b961973601bc9d5db6bb
 SHA512:
-  metadata.gz: 7ecf67806e6577ccf7072261a27fb2cfec3f5b3b9e7aae24fad579900309c3cf73869437adaca9fccda5038f75226a50286bbc9a001a4c2dfb7d7db1ebb1ea3a
-  data.tar.gz: b112151d6331a44c6dfe4767e365944e07fd6d10386a22be7fe0e6ed68af75058f51e193aef38e3249dca4ed32e05f3a97523ce34120e72ff56cd0b6a8757510
+  metadata.gz: e9b887b9f2564478be53d7b45271d1035fef4f51d19e87f5a729ce0423d1571eb0c9e145f3eba7726992a936596e7db5f6f8b2fbe174f98444ab32ef44f77566
+  data.tar.gz: 636f2e44bb5b141a5d3d670b4f8290009af0e1f1dc5d2aeea6b1e2c77687f99d6483f6d063fbd696e1f558ac679dc58915dd896103cc7baa8786ddba5793b3c7

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    nexpose (0.9.8)
+    nexpose (1.0.0)
       rex (~> 2.0, >= 2.0.8)
 GEM

data/lib/nexpose.rb CHANGED Viewed

@@ -57,25 +57,27 @@ require 'rex/mime'
 require 'ipaddr'
 require 'json'
 require 'cgi'
+require 'nexpose/api'
+require 'nexpose/json_serializer'
 require 'nexpose/error'
 require 'nexpose/util'
 require 'nexpose/alert'
 require 'nexpose/ajax'
-require 'nexpose/api'
 require 'nexpose/api_request'
 require 'nexpose/asset'
 require 'nexpose/common'
 require 'nexpose/console'
 require 'nexpose/credential'
-require 'nexpose/site_credential'
+require 'nexpose/site_credentials'
 require 'nexpose/shared_credential'
+require 'nexpose/web_credentials'
 require 'nexpose/data_table'
 require 'nexpose/device'
-require 'nexpose/discovery'
-require 'nexpose/discovery/filter'
 require 'nexpose/engine'
 require 'nexpose/external'
 require 'nexpose/filter'
+require 'nexpose/discovery'
+require 'nexpose/discovery/filter'
 require 'nexpose/global_settings'
 require 'nexpose/group'
 require 'nexpose/dag'
@@ -87,6 +89,7 @@ require 'nexpose/report_template'
 require 'nexpose/role'
 require 'nexpose/scan'
 require 'nexpose/scan_template'
+require 'nexpose/shared_secret'
 require 'nexpose/silo'
 require 'nexpose/silo_profile'
 require 'nexpose/site'
@@ -100,6 +103,7 @@ require 'nexpose/vuln_exception'
 require 'nexpose/connection'
 require 'nexpose/maint'
 require 'nexpose/version'
+require 'nexpose/wait'
 module Nexpose

data/lib/nexpose/ajax.rb CHANGED Viewed

@@ -8,6 +8,9 @@ module Nexpose
   module AJAX
     module_function
+    API_PATTERN = %r{/api/(?<version>[\d\.]+)}
+    private_constant :API_PATTERN
     # Content type strings acceptect by Nexpose.
     #
     module CONTENT_TYPE
@@ -157,15 +160,37 @@ module Nexpose
         if response.header['location'] =~ /login/
           raise Nexpose::AuthenticationFailed.new(response)
         else
-          req_type = request.class.name.split('::').last.upcase
-          raise Nexpose::APIError.new(response, "#{req_type} request to #{request.path} failed. #{request.body}", response.code)
+          raise get_api_error(request, response)
         end
       else
-        req_type = request.class.name.split('::').last.upcase
-        raise Nexpose::APIError.new(response, "#{req_type} request to #{request.path} failed. #{request.body}", response.code)
+        raise get_api_error(request, response)
       end
     end
+    def get_api_error(request, response)
+      req_type = request.class.name.split('::').last.upcase
+      error_message = get_error_message(request, response)
+      Nexpose::APIError.new(response, "#{req_type} request to #{request.path} failed. #{error_message}", response.code)
+    end
+    # Get the version of the api target by request
+    #
+    # @param [HTTPRequest] request
+    def get_request_api_version(request)
+      matches = request.path.match(API_PATTERN)
+      matches[:version].to_f
+      rescue
+        0.0
+    end
+    # Get an error message from the response body if the request url api version
+    # is 2.1 or greater otherwise use the request body
+    def get_error_message(request, response)
+      version = get_request_api_version(request)
+      (version >= 2.1 && response.body) ? "response body: #{response.body}" : "request body: #{request.body}"
+    end
     # Execute a block of code while presenving the preferences for any
     # underlying table being accessed. Use this method when accessing data
     # tables which are present in the UI to prevent existing row preferences

data/lib/nexpose/alert.rb CHANGED Viewed

@@ -1,107 +1,29 @@
 module Nexpose
-  # Alert parent object.
-  # The three alert types should be wrapped in this object to store data.
-  #
-  class Alert
-    # Name for this alert.
-    attr_accessor :name
-    # Whether or not this alert is currently active.
-    attr_accessor :enabled
-    # Send at most this many alerts per scan.
-    attr_accessor :max_alerts
-    # Send alerts based upon scan status.
-    attr_accessor :scan_filter
-    # Send alerts based upon vulnerability finding status.
-    attr_accessor :vuln_filter
-    # Alert type and its configuration. One of SMTPAlert, SyslogAlert, SNMPAlert
-    attr_accessor :type
-    def initialize(name, enabled = 1, max_alerts = -1)
-      @name, @enabled, @max_alerts = name, enabled, max_alerts
-    end
-    def as_xml
-      xml = REXML::Element.new('Alert')
-      xml.attributes['name'] = @name
-      xml.attributes['enabled'] = @enabled
-      xml.attributes['maxAlerts'] = @max_alerts
-      xml.add_element(scan_filter.as_xml)
-      xml.add_element(vuln_filter.as_xml)
-      xml.add_element(type.as_xml)
-      xml
-    end
-    def to_xml
-      as_xml.to_s
-    end
-    # Parse a response from a Nexpose console into a valid Alert object.
-    #
-    # @param [REXML::Document] rexml XML document to parse.
-    # @return [Alert] Alert object represented by the XML.
-    #
-    def self.parse(rexml)
-      name = rexml.attributes['name']
-      rexml.elements.each("//Alert[@name='#{name}']") do |xml|
-        alert = new(name,
-                    xml.attributes['enabled'].to_i,
-                    xml.attributes['maxAlerts'].to_i)
-        alert.scan_filter = ScanFilter.parse(REXML::XPath.first(xml, "//Alert[@name='#{name}']/scanFilter"))
-        alert.vuln_filter = VulnFilter.parse(REXML::XPath.first(xml, "//Alert[@name='#{name}']/vulnFilter"))
-        if (type = REXML::XPath.first(xml, "//Alert[@name='#{name}']/smtpAlert"))
-          alert.type = SMTPAlert.parse(type)
-        elsif (type = REXML::XPath.first(xml, "//Alert[@name='#{name}']/syslogAlert"))
-          alert.type = SyslogAlert.parse(type)
-        elsif (type = REXML::XPath.first(xml, "//Alert[@name='#{name}']/snmpAlert"))
-          alert.type = SNMPAlert.parse(type)
-        end
-        return alert
-      end
-      nil
-    end
-  end
   # Scan filter for alerting.
   # Set values to 1 to enable and 0 to disable.
-  #
   class ScanFilter
+    include JsonSerializer
     # Scan events to alert on.
     attr_accessor :start, :stop, :fail, :resume, :pause
     def initialize(start = 0, stop = 0, fail = 0, resume = 0, pause = 0)
-      @start, @stop, @fail, @resume, @pause = start, stop, fail, resume, pause
-    end
-    def as_xml
-      xml = REXML::Element.new('scanFilter')
-      xml.attributes['scanStart'] = @start
-      xml.attributes['scanStop'] = @stop
-      xml.attributes['scanFailed'] = @fail
-      xml.attributes['scanResumed'] = @resume
-      xml.attributes['scanPaused'] = @pause
-      xml
-    end
-    def to_xml
-      as_xml.to_s
+      @start, @stop, @fail, @resume, @pause = start.to_i, stop.to_i, fail.to_i, resume.to_i, pause.to_i
     end
-    def self.parse(xml)
-      new(xml.attributes['scanStart'].to_i,
-          xml.attributes['scanStop'].to_i,
-          xml.attributes['scanFailed'].to_i,
-          xml.attributes['scanResumed'].to_i,
-          xml.attributes['scanPaused'].to_i)
+    def self.json_initializer(filter)
+      new(filter[:start] ? 1 : 0,
+          filter[:stop] ? 1 : 0,
+          filter[:failed] ? 1 : 0,
+          filter[:resume] ? 1 : 0,
+          filter[:pause] ? 1 : 0)
     end
   end
   # Vulnerability filtering for alerting.
   # Set values to 1 to enable and 0 to disable.
-  #
   class VulnFilter
+    include JsonSerializer
     # Only alert on vulnerability findings with a severity level greater than this level.
     # Range is 0 to 10.
     # Values in the UI correspond as follows:
@@ -114,138 +36,199 @@ module Nexpose
     attr_accessor :confirmed, :unconfirmed, :potential
     def initialize(severity = 1, confirmed = 1, unconfirmed = 1, potential = 1)
-      @severity, @confirmed, @unconfirmed, @potential = severity, confirmed, unconfirmed, potential
-    end
-    def as_xml
-      xml = REXML::Element.new('vulnFilter')
-      xml.attributes['severityThreshold'] = @severity
-      xml.attributes['confirmed'] = @confirmed
-      xml.attributes['unconfirmed'] = @unconfirmed
-      xml.attributes['potential'] = @potential
-      xml
-    end
-    def to_xml
-      as_xml.to_s
+      @severity, @confirmed = severity.to_i, confirmed.to_i
+      @unconfirmed, @potential = unconfirmed.to_i, potential.to_i
     end
-    def self.parse(xml)
-      new(xml.attributes['severityThreshold'].to_i,
-          xml.attributes['confirmed'].to_i,
-          xml.attributes['unconfirmed'].to_i,
-          xml.attributes['potential'].to_i)
+    def self.json_initializer(filter)
+      new(filter[:severity] ? 1 : 0,
+          filter[:unconfirmed] ? 1 : 0,
+          filter[:confirmed] ? 1 : 0,
+          filter[:potential] ? 1 : 0)
     end
   end
-  # Syslog Alert
-  # This class should only exist as an element of an Alert.
-  #
-  class SyslogAlert
+  # Alert base behavior.
+  # The supported three alert types should have these properties and behaviors
+  module Alert
+    include JsonSerializer
+    extend TypedAccessor
-    # The server to sent this alert to.
+    # ID for this alert.
+    attr_accessor :id
+    # Name for this alert.
+    attr_accessor :name
+    # Whether or not this alert is currently active.
+    attr_accessor :enabled
+    # Send at most this many alerts per scan.
+    attr_accessor :max_alerts
+    # Alert type and its configuration. One of SMTPAlert, SyslogAlert, SNMPAlert
+    attr_accessor :alert_type
+    # Server target the alerts
     attr_accessor :server
+    # Server port
+    attr_accessor :server_port
-    def initialize(server)
-      @server = server
-    end
+    # Send alerts based upon scan status.
+    typed_accessor :scan_filter, ScanFilter
+    # Send alerts based upon vulnerability finding status.
+    typed_accessor :vuln_filter, VulnFilter
-    def self.parse(xml)
-      new(xml.attributes['server'])
+    # load a particular site alert
+    def self.load(nsc, site_id, alert_id)
+      uri = "/api/2.1/site_configurations/#{site_id}/alerts/#{alert_id}"
+      resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
+      unless resp.to_s == ''
+        data = JSON.parse(resp, symbolize_names: true)
+        json_initializer(data).deserialize(data)
+      end
     end
-    def as_xml
-      xml = REXML::Element.new('syslogAlert')
-      xml.attributes['server'] = @server
-      xml
+    # load alerts from an array of hashes
+    def self.load_alerts(alerts)
+      alerts.map { |hash| json_initializer(hash).deserialize(hash) }
     end
-    def to_xml
-      as_xml.to_s
+    # load a list of alerts for a given site
+    def self.list_alerts(nsc, site_id)
+      uri = "/api/2.1/site_configurations/#{site_id}/alerts"
+      resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
+      data = JSON.parse(resp, symbolize_names: true)
+      load_alerts(data) unless data.nil?
     end
-  end
-  # SNMP Alert
-  # This class should only exist as an element of an Alert.
-  #
-  class SNMPAlert
+    def self.json_initializer(hash)
+      create(hash)
+    end
-    # The community string
-    attr_accessor :community
+    def to_h
+      to_hash(Hash.new)
+    end
-    # The server to sent this alert
-    attr_accessor :server
+    def to_json
+      serialize
+    end
-    def initialize(community, server)
-      @community = community
-      @server = server
+    # delete an alert from the given site
+    def delete(nsc, site_id)
+      uri = "/api/2.1/site_configurations/#{site_id}/alerts/#{id}"
+      AJAX.delete(nsc, uri, AJAX::CONTENT_TYPE::JSON)
     end
-    def self.parse(xml)
-      new(xml.attributes['community'], xml.attributes['server'])
+    # save an alert for a given site
+    def save(nsc, site_id)
+      validate
+      uri = "/api/2.1/site_configurations/#{site_id}/alerts"
+      id = AJAX.put(nsc, uri, self.to_json, AJAX::CONTENT_TYPE::JSON)
+      @id = id.to_i
     end
-    def as_xml
-      xml = REXML::Element.new('snmpAlert')
-      xml.attributes['community'] = @community
-      xml.attributes['server'] = @server
-      xml
+    def validate
+      raise ArgumentError.new('Name is a required attribute.') unless @name
+      raise ArgumentError.new('Scan filter is a required attribute.') unless @scan_filter
+      raise ArgumentError.new('Vuln filter is a required attribute.') unless @vuln_filter
     end
-    def to_xml
-      as_xml.to_s
+    private
+    def self.create(hash)
+      alert_type = hash[:alert_type]
+      raise 'An alert must have an alert type' if alert_type.nil?
+      raise 'Alert name cannot be empty.' if !hash.has_key?(:name) || hash[:name].to_s == ''
+      raise 'SNMP and Syslog alerts must have a server defined' if ['SNMP', 'Syslog'].include?(alert_type) && hash[:server].to_s == ''
+      case alert_type
+      when 'SMTP'
+        alert = SMTPAlert.new(hash[:name],
+                              hash[:sender],
+                              hash[:server],
+                              hash[:recipients],
+                              hash[:enabled],
+                              hash[:max_alerts],
+                              hash[:verbose])
+      when 'SNMP'
+        alert = SNMPAlert.new(hash[:name],
+                              hash[:community],
+                              hash[:server],
+                              hash[:enabled],
+                              hash[:max_alerts])
+      when 'Syslog'
+        alert = SyslogAlert.new(hash[:name],
+                                hash[:server],
+                                hash[:enabled],
+                                hash[:max_alerts])
+      else
+        fail "Unknown alert type: #{alert_type}"
+      end
+      alert.scan_filter = ScanFilter.new
+      alert.vuln_filter = VulnFilter.new
+      alert
     end
   end
   # SMTP (e-mail) Alert
-  # This class should only exist as an element of an Alert.
-  #
   class SMTPAlert
+    include Alert
+    attr_accessor :recipients, :sender, :verbose
-    # The e-mail address of the sender.
-    attr_accessor :sender
-    # The server to sent this alert.
-    attr_accessor :server
-    # Limit the text for mobile devices.
-    attr_accessor :limit_text
-    # Array of strings with the e-mail addresses of the intended recipients.
-    attr_accessor :recipients
+    def initialize(name, sender, server, recipients, enabled = 1, max_alerts = -1, verbose = 0)
+      unless recipients.is_a?(Array) && recipients.length > 0
+        raise 'An SMTP alert must contain an array of recipient emails with at least 1 recipient'
+      end
+      recipients.each do |recipient|
+        unless recipient =~ /^.+@.+\..+$/
+          raise "Recipients must contain valid emails, #{recipient} has an invalid format"
+        end
+      end
-    def initialize(sender, server, limit_text = 0)
+      @alert_type = 'SMTP'
+      @name = name
+      @enabled = enabled
+      @max_alerts = max_alerts
       @sender = sender
       @server = server
-      @limit_text = limit_text
-      @recipients = []
+      @verbose = verbose
+      @recipients = recipients.nil? ? [] : recipients
     end
-    # Adds a new recipient to the alert.
-    def add_recipient(recipient)
+    def add_email_recipient(recipient)
       @recipients << recipient
     end
-    def as_xml
-      xml = REXML::Element.new('smtpAlert')
-      xml.attributes['sender'] = @sender
-      xml.attributes['server'] = @server
-      xml.attributes['limitText'] = @limit_text
-      recipients.each do |recpt|
-        elem = REXML::Element.new('recipient')
-        elem.text = recpt
-        xml.add_element(elem)
-      end
-      xml
+    def remove_email_recipient(recipient)
+      @recipients.delete(recipient)
     end
+  end
+  # SNMP Alert
+  class SNMPAlert
+    include Alert
+    attr_accessor :community
+    def initialize(name, community, server, enabled = 1, max_alerts = -1)
+      raise 'SNMP alerts must have a community defined.' if community.nil?
-    def to_xml
-      as_xml.to_s
+      @alert_type = 'SNMP'
+      @name = name
+      @enabled = enabled
+      @max_alerts = max_alerts
+      @community = community
+      @server = server
     end
+  end
-    def self.parse(xml)
-      alert = new(xml.attributes['sender'], xml.attributes['server'], xml.attributes['limitText'].to_i)
-      xml.elements.each("//recipient") do |recipient|
-        alert.recipients << recipient.text
-      end
-      alert
+  # Syslog Alert
+  class SyslogAlert
+    include Alert
+    def initialize(name, server, enabled = 1, max_alerts = -1)
+      @alert_type = 'Syslog'
+      @name = name
+      @enabled = enabled
+      @max_alerts = max_alerts
+      @server = server
     end
   end
 end