nexpose 2.0.2 → 2.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/nexpose/scan_template.rb +96 -10
- data/lib/nexpose/silo_profile.rb +1 -1
- data/lib/nexpose/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 66817396a7b72235d96f4349658d982731f19220
|
|
4
|
+
data.tar.gz: 8eb90d767993a6dc3232f32ebe41dd78d5643c69
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fa0dd9f478eb1226251800645824d13b832e5a39bd90f7d8587883e6b3b579d819fd56021fb16492a837ef7a245865dc82bd6b6ab0640b62aa6d9ad59d041d80
|
|
7
|
+
data.tar.gz: 8b1029a519ed52d8506bc9c0141c68c375bdea3a5a7fc1c8aaddb3b409a7a6d42ce0c740f252891c4cc5fee9e788141f3b6e6e5e5a795864132f5d1ea2a1e60c
|
data/Gemfile.lock
CHANGED
|
@@ -312,13 +312,28 @@ module Nexpose
|
|
|
312
312
|
checks.attributes['potential'] = enable ? '1' : '0'
|
|
313
313
|
end
|
|
314
314
|
|
|
315
|
-
# Get a list of the check categories
|
|
315
|
+
# Get a list of the check categories disabled for this scan template.
|
|
316
316
|
#
|
|
317
317
|
# @return [Array[String]] List of enabled categories.
|
|
318
318
|
#
|
|
319
|
+
def disabled_checks_by_category
|
|
320
|
+
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled')
|
|
321
|
+
checks ? checks.elements.to_a('VulnCategory').map { |c| c.attributes['name'] } : []
|
|
322
|
+
end
|
|
323
|
+
|
|
324
|
+
# @deprecated Use {#enabled_checks_by_category} instead
|
|
319
325
|
def checks_by_category
|
|
326
|
+
warn "[DEPRECATED] Use #{self.class}#enabled_checks_by_category instead of #{self.class}##{__method__}"
|
|
327
|
+
enabled_checks_by_category
|
|
328
|
+
end
|
|
329
|
+
|
|
330
|
+
# Get a list of the check categories enabled for this scan template.
|
|
331
|
+
#
|
|
332
|
+
# @return [Array[String]] List of enabled categories.
|
|
333
|
+
#
|
|
334
|
+
def enabled_checks_by_category
|
|
320
335
|
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
|
|
321
|
-
checks.elements.to_a('VulnCategory').map { |c| c.attributes['name'] }
|
|
336
|
+
checks ? checks.elements.to_a('VulnCategory').map { |c| c.attributes['name'] } : []
|
|
322
337
|
end
|
|
323
338
|
|
|
324
339
|
# Enable checks by category for this template.
|
|
@@ -346,13 +361,28 @@ module Nexpose
|
|
|
346
361
|
_remove_check(category, 'VulnCategory')
|
|
347
362
|
end
|
|
348
363
|
|
|
349
|
-
# Get a list of the check types
|
|
364
|
+
# Get a list of the check types disabled for this scan template.
|
|
350
365
|
#
|
|
351
366
|
# @return [Array[String]] List of enabled check types.
|
|
352
367
|
#
|
|
368
|
+
def disabled_checks_by_type
|
|
369
|
+
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled')
|
|
370
|
+
checks ? checks.elements.to_a('CheckType').map { |c| c.attributes['name'] } : []
|
|
371
|
+
end
|
|
372
|
+
|
|
373
|
+
# @deprecated Use {#enabled_checks_by_type} instead
|
|
353
374
|
def checks_by_type
|
|
375
|
+
warn "[DEPRECATED] Use #{self.class}#enabled_checks_by_type instead of #{self.class}##{__method__}"
|
|
376
|
+
enabled_checks_by_type
|
|
377
|
+
end
|
|
378
|
+
|
|
379
|
+
# Get a list of the check types enabled for this scan template.
|
|
380
|
+
#
|
|
381
|
+
# @return [Array[String]] List of enabled check types.
|
|
382
|
+
#
|
|
383
|
+
def enabled_checks_by_type
|
|
354
384
|
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
|
|
355
|
-
checks.elements.to_a('CheckType').map { |c| c.attributes['name'] }
|
|
385
|
+
checks ? checks.elements.to_a('CheckType').map { |c| c.attributes['name'] } : []
|
|
356
386
|
end
|
|
357
387
|
|
|
358
388
|
# Enable checks by type for this template.
|
|
@@ -383,13 +413,15 @@ module Nexpose
|
|
|
383
413
|
def _enable_check(check, elem)
|
|
384
414
|
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
|
|
385
415
|
checks.elements.delete("Disabled/#{elem}[@name='#{check}']")
|
|
386
|
-
checks.elements['Enabled'].add_element(
|
|
416
|
+
enabled_checks = checks.elements['Enabled'] || checks.add_element('Enabled')
|
|
417
|
+
enabled_checks.add_element(elem, { 'name' => check })
|
|
387
418
|
end
|
|
388
419
|
|
|
389
420
|
def _disable_check(check, elem)
|
|
390
421
|
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
|
|
391
422
|
checks.elements.delete("Enabled/#{elem}[@name='#{check}']")
|
|
392
|
-
checks.elements['Disabled'].add_element(
|
|
423
|
+
disabled_checks = checks.elements['Disabled'] || checks.add_element('Disabled')
|
|
424
|
+
disabled_checks.add_element(elem, { 'name' => check })
|
|
393
425
|
end
|
|
394
426
|
|
|
395
427
|
def _remove_check(check, elem)
|
|
@@ -398,13 +430,28 @@ module Nexpose
|
|
|
398
430
|
checks.elements.delete("Enabled/#{elem}[@name='#{check}']")
|
|
399
431
|
end
|
|
400
432
|
|
|
433
|
+
# @deprecated Use {#enabled_vuln_checks} instead
|
|
434
|
+
def vuln_checks
|
|
435
|
+
warn "[DEPRECATED] Use #{self.class}#enabled_vuln_checks instead of #{self.class}##{__method__}"
|
|
436
|
+
enabled_vuln_checks
|
|
437
|
+
end
|
|
438
|
+
|
|
401
439
|
# Get a list of the individual vuln checks enabled for this scan template.
|
|
402
440
|
#
|
|
403
441
|
# @return [Array[String]] List of enabled vulnerability checks.
|
|
404
442
|
#
|
|
405
|
-
def
|
|
443
|
+
def enabled_vuln_checks
|
|
406
444
|
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Enabled')
|
|
407
|
-
checks.elements.to_a('Check').map { |c| c.attributes['id'] }
|
|
445
|
+
checks ? checks.elements.to_a('Check').map { |c| c.attributes['id'] } : []
|
|
446
|
+
end
|
|
447
|
+
|
|
448
|
+
# Get a list of the individual vuln checks disabled for this scan template.
|
|
449
|
+
#
|
|
450
|
+
# @return [Array[String]] List of enabled vulnerability checks.
|
|
451
|
+
#
|
|
452
|
+
def disabled_vuln_checks
|
|
453
|
+
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks/Disabled')
|
|
454
|
+
checks ? checks.elements.to_a('Check').map { |c| c.attributes['id'] } : []
|
|
408
455
|
end
|
|
409
456
|
|
|
410
457
|
# Enable individual check for this template.
|
|
@@ -414,7 +461,8 @@ module Nexpose
|
|
|
414
461
|
def enable_vuln_check(check_id)
|
|
415
462
|
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
|
|
416
463
|
checks.elements.delete("Disabled/Check[@id='#{check_id}']")
|
|
417
|
-
checks.elements['Enabled'].add_element('
|
|
464
|
+
enabled_checks = checks.elements['Enabled'] || checks.add_element('Enabled')
|
|
465
|
+
enabled_checks.add_element('Check', { 'id' => check_id })
|
|
418
466
|
end
|
|
419
467
|
|
|
420
468
|
# Disable individual check for this template.
|
|
@@ -424,7 +472,8 @@ module Nexpose
|
|
|
424
472
|
def disable_vuln_check(check_id)
|
|
425
473
|
checks = REXML::XPath.first(@xml, '//VulnerabilityChecks')
|
|
426
474
|
checks.elements.delete("Enabled/Check[@id='#{check_id}']")
|
|
427
|
-
checks.elements['Disabled'].add_element('
|
|
475
|
+
disabled_checks = checks.elements['Disabled'] || checks.add_element('Disabled')
|
|
476
|
+
disabled_checks.add_element('Check', { 'id' => check_id })
|
|
428
477
|
end
|
|
429
478
|
|
|
430
479
|
# Remove individual check for this template. Removes both enabled and
|
|
@@ -491,5 +540,42 @@ module Nexpose
|
|
|
491
540
|
def delete(nsc)
|
|
492
541
|
nsc.delete_scan_template(id)
|
|
493
542
|
end
|
|
543
|
+
|
|
544
|
+
# Enable or disable asset configuration scanning for this template. If
|
|
545
|
+
# the level is not "full", "default" or "none", this is a no-op.
|
|
546
|
+
#
|
|
547
|
+
# @param [String] "full" to enable asset configuration logging, and
|
|
548
|
+
# "default" or "none" to disable it.
|
|
549
|
+
def aces_level=(level)
|
|
550
|
+
return if level.nil?
|
|
551
|
+
return unless ['full', 'default', 'none'].include? level.downcase
|
|
552
|
+
logging = REXML::XPath.first(@xml, 'ScanTemplate/Logging')
|
|
553
|
+
if (logging.nil?)
|
|
554
|
+
logging = REXML::Element.new('Logging')
|
|
555
|
+
@xml.add_element(logging)
|
|
556
|
+
end
|
|
557
|
+
aces = REXML::XPath.first(logging, 'aces')
|
|
558
|
+
if (aces.nil?)
|
|
559
|
+
aces = REXML::Element.new('aces')
|
|
560
|
+
logging.add_element(aces)
|
|
561
|
+
end
|
|
562
|
+
aces.attributes['level'] = level
|
|
563
|
+
end
|
|
564
|
+
|
|
565
|
+
# @return [String] the asset configuration logging value for this
|
|
566
|
+
# template.
|
|
567
|
+
def aces_level
|
|
568
|
+
logging = REXML::XPath.first(@xml, 'ScanTemplate/Logging')
|
|
569
|
+
return 'default' if logging.nil?
|
|
570
|
+
aces = REXML::XPath.first(logging, 'aces')
|
|
571
|
+
return 'default' if aces.nil?
|
|
572
|
+
return aces.attributes['level']
|
|
573
|
+
end
|
|
574
|
+
|
|
575
|
+
# @return [Boolean] whether asset configuration scanning is enabled for
|
|
576
|
+
# this template.
|
|
577
|
+
def aces_enabled?
|
|
578
|
+
return 'full' == aces_level
|
|
579
|
+
end
|
|
494
580
|
end
|
|
495
581
|
end
|
data/lib/nexpose/silo_profile.rb
CHANGED
|
@@ -107,7 +107,7 @@ module Nexpose
|
|
|
107
107
|
begin
|
|
108
108
|
update(connection)
|
|
109
109
|
rescue APIError => error
|
|
110
|
-
raise error unless (error.message =~ /
|
|
110
|
+
raise error unless (error.message =~ /silo profile(\S*|.*?)does not exist/i)
|
|
111
111
|
create(connection)
|
|
112
112
|
end
|
|
113
113
|
end
|
data/lib/nexpose/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nexpose
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0
|
|
4
|
+
version: 2.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- HD Moore
|
|
@@ -13,7 +13,7 @@ authors:
|
|
|
13
13
|
autorequire:
|
|
14
14
|
bindir: bin
|
|
15
15
|
cert_chain: []
|
|
16
|
-
date: 2015-
|
|
16
|
+
date: 2015-10-07 00:00:00.000000000 Z
|
|
17
17
|
dependencies:
|
|
18
18
|
- !ruby/object:Gem::Dependency
|
|
19
19
|
name: rex
|