nexpose 1.0.0 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 0443897c1940a9c3099ecc230589e7925fca9697
-  data.tar.gz: e31a6036c4170c0fa796b961973601bc9d5db6bb
+  metadata.gz: 5bd3b5a70f4342a50d856fede506bd98df0dc3eb
+  data.tar.gz: dbdcbcd5fa044c89254d8708ba5c1c51a2c0ca8e
 SHA512:
-  metadata.gz: e9b887b9f2564478be53d7b45271d1035fef4f51d19e87f5a729ce0423d1571eb0c9e145f3eba7726992a936596e7db5f6f8b2fbe174f98444ab32ef44f77566
-  data.tar.gz: 636f2e44bb5b141a5d3d670b4f8290009af0e1f1dc5d2aeea6b1e2c77687f99d6483f6d063fbd696e1f558ac679dc58915dd896103cc7baa8786ddba5793b3c7
+  metadata.gz: 55eae9f2e3a7127ed26d893fcb8d03a63c1ec30bb7fd3f3e841bfd7589c58809289a0f9507fafb185570df673cf0810674d043fdd0c8208e093844f5f046ec18
+  data.tar.gz: ac462779de54270a9cde72dcb7bae47a22f3d36b34f4d094f067cd2fc74afc1f48c812b4b0981761b2d7eef886a4a42789b9fc8a7523175cd043039acfdfd8d8

data/README.markdown

@@ -1,13 +1,13 @@
 # Nexpose-Client
 [![Gem Version](https://badge.fury.io/rb/nexpose.svg)](http://badge.fury.io/rb/nexpose) [![Build Status](https://travis-ci.org/rapid7/nexpose-client.svg?branch=master)](https://travis-ci.org/rapid7/nexpose-client) [![Test Coverage](https://codeclimate.com/github/rapid7/nexpose-client/badges/coverage.svg)](https://codeclimate.com/github/rapid7/nexpose-client) [![Inline docs](http://inch-ci.org/github/rapid7/nexpose-client.svg?branch=master)](http://inch-ci.org/github/rapid7/nexpose-client) [![Code Climate](https://codeclimate.com/github/rapid7/nexpose-client/badges/gpa.svg)](https://codeclimate.com/github/rapid7/nexpose-client)
 
-This is the official gem package for the Ruby Nexpose API.
+This is the official gem package for the Ruby Nexpose API client library.
 
-For assistance with using the gem, to share your scripts, or to discuss different approaches, please visit the Rapid7 forums for Nexpose: https://community.rapid7.com/community/nexpose/nexpose-apis
+For assistance with using the gem, to share your scripts, or to discuss different approaches, please visit the Rapid7 community: https://community.rapid7.com/
 
-Check out https://github.com/rapid7/nexpose-client/wiki for walk-throughs and release notes for recent versions.
+Check out the [wiki](https://github.com/rapid7/nexpose-client/wiki) for walk-throughs and other documentation. Submit bugs and feature requests on the [issues](https://github.com/rapid7/nexpose-client/issues) page.
 
-This gem is heavily used for internal, automated testing of the Nexpose product. It provides calls to the Nexpose XML APIs version 1.1 and 1.2 (except for some multi-tenant operations). It also includes a number of helper methods which are not currently exposed through alternate means.
+This gem is heavily used for internal, automated testing of the Nexpose product. It provides calls to the Nexpose XML APIs version 1.1 and 1.2, and JSON API 2.1. It also includes a number of helper methods which are not currently exposed through alternate means.
 
 ## Release Notes
 

data/lib/nexpose.rb

@@ -65,6 +65,7 @@ require 'nexpose/alert'
 require 'nexpose/ajax'
 require 'nexpose/api_request'
 require 'nexpose/asset'
+require 'nexpose/blackout'
 require 'nexpose/common'
 require 'nexpose/console'
 require 'nexpose/credential'
@@ -78,11 +79,13 @@ require 'nexpose/external'
 require 'nexpose/filter'
 require 'nexpose/discovery'
 require 'nexpose/discovery/filter'
+require 'nexpose/global_blackout'
 require 'nexpose/global_settings'
 require 'nexpose/group'
 require 'nexpose/dag'
 require 'nexpose/manage'
 require 'nexpose/multi_tenant_user'
+require 'nexpose/password_policy'
 require 'nexpose/pool'
 require 'nexpose/report'
 require 'nexpose/report_template'

data/lib/nexpose/blackout.rb

@@ -0,0 +1,44 @@
+module Nexpose
+# Constants useful across the Nexpose module.
+# Configuration structure for blackouts.
+  class Blackout < APIObject
+    # Whether or not this blackout is enabled.
+    attr_accessor :enabled
+    # Valid schedule types: daily, hourly, monthly-date, monthly-day, weekly.
+    attr_accessor :blackout_type
+    # The repeat interval based upon type.
+    attr_accessor :blackout_interval
+    # The earliest date to generate the report on (in ISO 8601 format).
+    attr_accessor :blackout_start
+    # The amount of time, in minutes, a blackout period should last.
+    attr_accessor :blackout_duration
+
+    def initialize(start, enabled=true, duration, type, interval)
+      @blackout_start = start
+      @enabled =enabled
+      @blackout_duration = duration.to_i
+      @blackout_type = type
+      @blackout_interval = interval.to_i
+    end
+
+    def self.from_hash(hash)
+      repeat_blackout_hash = hash[:repeat_blackout]
+      blackout = new(hash[:start_date], hash[:blackout_duration], repeat_blackout_hash[:type], repeat_blackout_hash[:interval])
+      blackout
+    end
+
+    def to_h
+      blackout_hash = {
+          start_date: @blackout_start,
+          enabled: @enabled,
+          blackout_duration: @blackout_duration,
+      }
+      repeat_hash= {
+          type: @blackout_type,
+          interval: @blackout_interval
+      }
+      blackout_hash[:repeat_blackout] = repeat_hash
+      blackout_hash
+    end
+  end
+end

data/lib/nexpose/discovery.rb

@@ -35,6 +35,7 @@ module Nexpose
       HTTPS = 'HTTPS'
       LDAP  = 'LDAP'
       LDAPS = 'LDAPS'
+      SERVICE_PROXY = 'SERVICE_PROXY'
     end
 
     module Type
@@ -43,6 +44,7 @@ module Nexpose
       ACTIVESYNC            = 'ACTIVESYNC'
       ACTIVESYNC_POWERSHELL = 'ACTIVESYNC_POWERSHELL'
       ACTIVESYNC_OFFICE365  = 'ACTIVESYNC_OFFICE365'
+      DHCP_SERVICE = 'DHCP_SERVICE'
     end
 
     # A unique identifier for this connection.
@@ -101,22 +103,41 @@ module Nexpose
       @protocol = Protocol::HTTPS
     end
 
-    # Save this discovery connection to a Nexpose console.
+    # Save this discovery connection on a given Nexpose console.
     #
     # @param [Connection] nsc Connection to a console.
     #
-    def save(nsc)
-      if @id == -1
-        xml = nsc.make_xml('DiscoveryConnectionCreateRequest')
-      else
-        xml = nsc.make_xml('DiscoveryConnectionUpdateRequest')
-      end
+    def create(nsc)
+      xml = nsc.make_xml('DiscoveryConnectionCreateRequest')
       xml.add_element(as_xml)
+
       response = nsc.execute(xml, '1.2')
       if response.success
         ret = REXML::XPath.first(response.res, 'DiscoveryConnectionCreateResponse')
         @id = ret.attributes['id'].to_i unless ret.nil?
       end
+    end
+
+    # Update this (existing) discovery connection on a given Nexpose console.
+    #
+    # @param [Connection] nsc Connection to a console.
+    # @return [Boolean] whether the update request was successful
+    #
+    def update(nsc)
+      xml = nsc.make_xml('DiscoveryConnectionUpdateRequest')
+      xml.add_element(as_xml)
+
+      response = nsc.execute(xml, '1.2')
+      response.success
+    end
+
+    # Save this discovery connection to a Nexpose console.
+    #
+    # @param [Connection] nsc Connection to a console.
+    #
+    def save(nsc)
+      @id == -1 ? create(nsc) : update(nsc)
+
       @id
     end
 
@@ -168,6 +189,7 @@ module Nexpose
       xml.attributes['exchange-password'] = @exchange_password if @exchange_password
       xml.attributes['type']              = @type if @type
       xml.attributes['engine-id'] = @engine_id if @engine_id && @engine_id != -1
+      xml.attributes['id'] = @id if @id && @id != -1
       xml
     end
 

data/lib/nexpose/global_blackout.rb

@@ -0,0 +1,43 @@
+module Nexpose
+
+  class GlobalBlackout < APIObject
+    require 'json'
+    include JsonSerializer
+
+    # [Array] Blackout starting dates, times and duration for blackout periods.
+    attr_accessor :blackout
+
+    def initialize(blackout)
+      @blackout = Array(blackout)
+    end
+
+    def save(nsc)
+      params = to_json
+      AJAX.post(nsc, '/api/2.1/silo_blackout/', params, AJAX::CONTENT_TYPE::JSON)
+    end
+
+    def to_h
+      {
+          blackouts:
+              (@blackout || []).map { |blackout| blackout.to_h }
+      }
+    end
+
+    def to_json
+      JSON.generate(to_h)
+    end
+
+    def self.json_initializer(data)
+      new(blackout: data)
+    end
+
+    def self.load(nsc)
+      uri = '/api/2.1/silo_blackout/'
+      resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
+      hash = JSON.parse(resp, symbolize_names: true)
+      blackout = self.json_initializer(hash).deserialize(hash)
+      blackout.blackout = (hash[:blackouts] || []).map { |blackout| Nexpose::Blackout.from_hash(blackout) }
+      blackout
+    end
+  end
+end

data/lib/nexpose/password_policy.rb

@@ -0,0 +1,57 @@
+module Nexpose
+  require 'json'
+  # Configuration structure for password policies.
+  class PasswordPolicy < APIObject
+    attr_accessor :policy_name
+    attr_accessor :min_length
+    attr_accessor :max_length
+    attr_accessor :capitals
+    attr_accessor :digits
+    attr_accessor :special_chars
+
+    def initialize(policy_name:, min_length:, max_length:, special_chars:, capitals:, digits:)
+      @policy_name = policy_name.to_s
+      @min_length = min_length.to_i
+      @max_length = max_length.to_i
+      @special_chars = special_chars.to_i
+      @capitals = capitals.to_i
+      @digits = digits.to_i
+    end
+
+    def self.from_hash(hash)
+      new(policy_name: hash[:policyName],
+          min_length: hash[:minLength],
+          max_length: hash[:maxLength],
+          special_chars: hash[:specialChars],
+          capitals: hash[:capitals],
+          digits: hash[:digits])
+    end
+
+    def to_h
+      {
+          policyName: @policy_name,
+          minLength: @min_length,
+          maxLength: @max_length,
+          specialChars: @special_chars,
+          capitals: @capitals,
+          digits: @digits
+      }
+    end
+
+    def to_json
+      JSON.generate(to_h)
+    end
+
+    def save(nsc)
+      params = to_json
+      AJAX.post(nsc, '/api/2.1/password_policy/', params, AJAX::CONTENT_TYPE::JSON)
+    end
+
+    def self.load(nsc)
+      uri = '/api/2.1/password_policy/'
+      resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
+      hash = JSON.parse(resp, symbolize_names: true)
+      self.from_hash(hash)
+    end
+  end
+end

data/lib/nexpose/site.rb

@@ -108,6 +108,8 @@ module Nexpose
     # [Array] Schedule starting dates and times for scans, and set their frequency.
     attr_accessor :schedules
 
+    # [Array] Blackout starting dates, times and duration for blackout periods.
+    attr_accessor :blackouts
 
     # The risk factor associated with this site. Default: 1.0
     attr_accessor :risk_factor
@@ -162,6 +164,7 @@ module Nexpose
       @risk_factor = 1.0
       @config_version = 3
       @schedules = []
+      @blackouts = []
       @included_scan_targets = { addresses: [], asset_groups: [] }
       @excluded_scan_targets = { addresses: [], asset_groups: [] }
       @site_credentials = []
@@ -463,7 +466,7 @@ module Nexpose
           asset_groups: @excluded_scan_targets[:asset_groups].compact
       }
 
-      {
+      hash = {
           id: @id,
           name: @name,
           description: @description,
@@ -484,6 +487,11 @@ module Nexpose
           organization: @organization.to_h,
           users: users
       }
+      # @TODO: Revisit this for 2.0.0 update
+      # Only pass in blackouts if they were actually specified (for backwards compatibility)
+      hash[:blackouts] = @blackouts.map(&:to_h) if @blackouts && @blackouts.any?
+
+      hash
     end
 
     require 'json'
@@ -510,6 +518,7 @@ module Nexpose
 
       site.organization = Organization.create(site.organization)
       site.schedules = (hash[:schedules] || []).map {|schedule| Nexpose::Schedule.from_hash(schedule) }
+      site.blackouts = (hash[:blackouts] || []).map {|blackout| Nexpose::Blackout.from_hash(blackout) }
       site.site_credentials = hash[:site_credentials].map {|cred| Nexpose::SiteCredentials.new.object_from_hash(nsc,cred)}
       site.shared_credentials = hash[:shared_credentials].map {|cred| Nexpose::SiteCredentials.new.object_from_hash(nsc,cred)}
       site.discovery_config = Nexpose::DiscoveryConnection.new.object_from_hash(nsc, hash[:discovery_config]) unless hash[:discovery_config].nil?

data/lib/nexpose/site_credentials.rb

@@ -67,6 +67,7 @@ module Nexpose
       cred.port_restriction = port
       cred.service = service
       cred.scope = Credential::Scope::SITE_SPECIFIC
+      cred.permission_elevation_type = Credential::ElevationType::NONE
       cred
     end
 

data/lib/nexpose/version.rb

@@ -1,4 +1,4 @@
 module Nexpose
   # The latest version of the Nexpose gem
-  VERSION = '1.0.0'
+  VERSION = '1.1.0'
 end

data/nexpose.gemspec

@@ -0,0 +1,30 @@
+# encoding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'nexpose/version'
+
+Gem::Specification.new do |s|
+  s.name                  = 'nexpose'
+  s.version               = Nexpose::VERSION
+  s.homepage              = 'https://github.com/rapid7/nexpose-client'
+  s.summary               = 'Ruby API for Rapid7 Nexpose'
+  s.description           = 'This gem provides a Ruby API to the Nexpose vulnerability management product by Rapid7.'
+  s.license               = 'BSD'
+  s.authors               = ['HD Moore', 'Chris Lee', 'Michael Daines', 'Brandon Turner', 'Gavin Schneider', 'Scott Green']
+  s.email                 = ['hd_moore@rapid7.com', 'christopher_lee@rapid7.com', 'michael_daines@rapid7.com', 'brandon_turner@rapid7.com', 'gavin_schneider@rapid7.com', 'scott_green@rapid7.com']
+  s.files                 = Dir['[A-Z]*'] + Dir['lib/**/*']
+  s.require_paths         = ['lib']
+  s.extra_rdoc_files      = ['README.markdown']
+  s.required_ruby_version = '>= 2.1'
+  s.platform              = 'ruby'
+
+  s.add_runtime_dependency('rex', '~> 2.0', '>= 2.0.8')
+
+  s.add_development_dependency('bundler', '~> 1.3')
+  s.add_development_dependency('codeclimate-test-reporter', '~> 0.4.6')
+  s.add_development_dependency('simplecov', '~> 0.9.1')
+  s.add_development_dependency('rspec', '~> 3.2')
+  s.add_development_dependency('rubocop', '~> 0.29.0')
+  s.add_development_dependency('webmock', '~> 1.20.4')
+  s.add_development_dependency('vcr', '~> 2.9.3')
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nexpose
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - HD Moore
@@ -13,7 +13,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-04-08 00:00:00.000000000 Z
+date: 2015-06-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rex
@@ -160,6 +160,7 @@ files:
 - lib/nexpose/api.rb
 - lib/nexpose/api_request.rb
 - lib/nexpose/asset.rb
+- lib/nexpose/blackout.rb
 - lib/nexpose/common.rb
 - lib/nexpose/connection.rb
 - lib/nexpose/console.rb
@@ -173,12 +174,14 @@ files:
 - lib/nexpose/error.rb
 - lib/nexpose/external.rb
 - lib/nexpose/filter.rb
+- lib/nexpose/global_blackout.rb
 - lib/nexpose/global_settings.rb
 - lib/nexpose/group.rb
 - lib/nexpose/json_serializer.rb
 - lib/nexpose/maint.rb
 - lib/nexpose/manage.rb
 - lib/nexpose/multi_tenant_user.rb
+- lib/nexpose/password_policy.rb
 - lib/nexpose/pool.rb
 - lib/nexpose/report.rb
 - lib/nexpose/report_template.rb
@@ -202,6 +205,7 @@ files:
 - lib/nexpose/vuln_exception.rb
 - lib/nexpose/wait.rb
 - lib/nexpose/web_credentials.rb
+- nexpose.gemspec
 homepage: https://github.com/rapid7/nexpose-client
 licenses:
 - BSD
@@ -222,7 +226,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.5
+rubygems_version: 2.4.6
 signing_key: 
 specification_version: 4
 summary: Ruby API for Rapid7 Nexpose