nexpose 5.3.2 → 6.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/nexpose/version.rb +1 -1
- data/lib/nexpose/vuln_exception.rb +77 -14
- data/nexpose-5.3.3.gem +0 -0
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 029e85ea3805696b880d54b2da6bf87848e675c1
|
|
4
|
+
data.tar.gz: 9a612be818593467a71c2f03602e5aff84c2b45e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ed7e089a3dddde81fb7d4fb5b4417a2a82a9acf5c6207e9daec1afe96c48dd20674f10f8b2eea4c3b6dfff4353e4b589b0dae65a824e6c3dc4b9dbfee636c781
|
|
7
|
+
data.tar.gz: e0dde0ee45a096eca308c3cf4f5b716109c0acac15fbdd45e45b456775f168c3486bee536466a9046695f284ecc8662d7d6a68e0f57a052d74b4204733c629f8
|
data/Gemfile.lock
CHANGED
data/lib/nexpose/version.rb
CHANGED
|
@@ -3,31 +3,69 @@ module Nexpose
|
|
|
3
3
|
class Connection
|
|
4
4
|
include XMLUtils
|
|
5
5
|
|
|
6
|
-
# Retrieve vulnerability exceptions.
|
|
6
|
+
# Retrieve all active vulnerability exceptions.
|
|
7
7
|
#
|
|
8
8
|
# @param [String] status Filter exceptions by the current status.
|
|
9
9
|
# @see Nexpose::VulnException::Status
|
|
10
|
-
# @param [String] duration A time interval in the format "PnYnMnDTnHnMnS".
|
|
11
10
|
# @return [Array[VulnException]] List of matching vulnerability exceptions.
|
|
12
11
|
#
|
|
13
|
-
def list_vuln_exceptions(status = nil
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
12
|
+
def list_vuln_exceptions(status = nil)
|
|
13
|
+
unless is_valid_vuln_exception_status?(status)
|
|
14
|
+
raise "Unknown Status ~> '#{status}' :: For available options refer to Nexpose::VulnException::Status"
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
status = Nexpose::VulnException::Status.const_get(status_string_to_constant(status)) unless status.nil?
|
|
18
|
+
|
|
19
|
+
results = []
|
|
20
|
+
ajax_data = []
|
|
21
|
+
|
|
22
|
+
url_size = 500
|
|
23
|
+
url_page = 0
|
|
24
|
+
|
|
25
|
+
req = Nexpose::AJAX.get(self, "/api/experimental/vulnerability_exceptions?_size=#{url_size}&_page=#{url_page}")
|
|
26
|
+
data = JSON.parse(req, object_class: OpenStruct)
|
|
27
|
+
ajax_data << data._resources
|
|
28
|
+
|
|
29
|
+
if data._links.count > 1
|
|
30
|
+
loop do
|
|
31
|
+
url_page += 1
|
|
32
|
+
req = Nexpose::AJAX.get(self, "/api/experimental/vulnerability_exceptions?_size=#{url_size}&_page=#{url_page}")
|
|
33
|
+
data = JSON.parse(req, object_class: OpenStruct)
|
|
34
|
+
ajax_data << data._resources
|
|
35
|
+
links = data._links.select { |ll| ['self', 'last'].include?(ll.rel) }
|
|
36
|
+
break if links[0].href == links[1].href
|
|
24
37
|
end
|
|
25
38
|
end
|
|
26
|
-
|
|
39
|
+
|
|
40
|
+
ajax_data.compact!
|
|
41
|
+
ajax_data.flatten!
|
|
42
|
+
|
|
43
|
+
ajax_data.each do |vuln_excep|
|
|
44
|
+
ve = VulnException.new(vuln_excep.scope.vulnerabilityID, vuln_excep.scope.type, vuln_excep.submit.reason, vuln_excep.state)
|
|
45
|
+
ve.id = vuln_excep.id
|
|
46
|
+
ve.submitter = vuln_excep.submit.name
|
|
47
|
+
ve.submitter_comment = vuln_excep.submit.comment
|
|
48
|
+
ve.submit_date = Time.parse(vuln_excep.submit.date) unless vuln_excep.submit.date.nil?
|
|
49
|
+
ve.asset_id = vuln_excep.scope.assetID
|
|
50
|
+
ve.site_id = vuln_excep.scope.siteID
|
|
51
|
+
ve.asset_group_id = vuln_excep.scope.assetGroupID
|
|
52
|
+
ve.port = vuln_excep.scope.port
|
|
53
|
+
ve.vuln_key = vuln_excep.scope.key
|
|
54
|
+
ve.expiration = Time.parse(vuln_excep.expires) unless vuln_excep.expires.nil?
|
|
55
|
+
unless vuln_excep.review.nil?
|
|
56
|
+
ve.reviewer = vuln_excep.review.name
|
|
57
|
+
ve.reviewer_comment = vuln_excep.review.comment
|
|
58
|
+
ve.review_date = Time.parse(vuln_excep.review.date) unless vuln_excep.review.date.nil?
|
|
59
|
+
end
|
|
60
|
+
results << ve
|
|
61
|
+
end
|
|
62
|
+
results.keep_if { |v| v.status == status } unless status.nil?
|
|
63
|
+
return results
|
|
27
64
|
end
|
|
28
65
|
|
|
29
66
|
alias_method :vuln_exceptions, :list_vuln_exceptions
|
|
30
67
|
|
|
68
|
+
|
|
31
69
|
# Resubmit a vulnerability exception request with a new comment and reason
|
|
32
70
|
# after an exception has been rejected.
|
|
33
71
|
#
|
|
@@ -76,6 +114,24 @@ module Nexpose
|
|
|
76
114
|
{ 'exception-id' => id })
|
|
77
115
|
execute(xml, '1.2').success
|
|
78
116
|
end
|
|
117
|
+
|
|
118
|
+
|
|
119
|
+
private
|
|
120
|
+
|
|
121
|
+
def is_valid_vuln_exception_status?(status)
|
|
122
|
+
return true if status.nil?
|
|
123
|
+
valid_status = []
|
|
124
|
+
Nexpose::VulnException::Status.constants.each {|con| valid_status << Nexpose::VulnException::Status.const_get(con) }
|
|
125
|
+
valid_status << Nexpose::VulnException::Status.constants.map(&:to_s).map(&:downcase)
|
|
126
|
+
valid_status.flatten.map(&:downcase).include?(status.downcase)
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
def status_string_to_constant(status)
|
|
130
|
+
Nexpose::VulnException::Status.constants.find do |name|
|
|
131
|
+
Nexpose::VulnException::Status.const_get(name).to_s.downcase==status.downcase || status.to_sym.downcase == name.downcase
|
|
132
|
+
end
|
|
133
|
+
end
|
|
134
|
+
|
|
79
135
|
end
|
|
80
136
|
|
|
81
137
|
# A vulnerability exception.
|
|
@@ -117,6 +173,8 @@ module Nexpose
|
|
|
117
173
|
alias :device_id= :asset_id=
|
|
118
174
|
# Id of the site, if this exception applies to all instances on a site
|
|
119
175
|
attr_accessor :site_id
|
|
176
|
+
# ID of the Asset Group, if this exception applies to all instances on an asset group
|
|
177
|
+
attr_accessor :asset_group_id
|
|
120
178
|
# Port on a asset, if this exception applies to a specific port.
|
|
121
179
|
attr_accessor :port
|
|
122
180
|
# The specific vulnerable component in a discovered instance of the
|
|
@@ -130,6 +188,11 @@ module Nexpose
|
|
|
130
188
|
attr_accessor :submitter_comment
|
|
131
189
|
# Any comment provided by the reviewer.
|
|
132
190
|
attr_accessor :reviewer_comment
|
|
191
|
+
# Date when the Review occurred [Time]
|
|
192
|
+
attr_accessor :review_date
|
|
193
|
+
# Date when Submit occurred [Time]
|
|
194
|
+
attr_accessor :submit_date
|
|
195
|
+
|
|
133
196
|
|
|
134
197
|
def initialize(vuln_id, scope, reason, status = nil)
|
|
135
198
|
@vuln_id, @scope, @reason, @status = vuln_id, scope, reason, status
|
data/nexpose-5.3.3.gem
ADDED
|
Binary file
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nexpose
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 6.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- HD Moore
|
|
@@ -13,7 +13,7 @@ authors:
|
|
|
13
13
|
autorequire:
|
|
14
14
|
bindir: bin
|
|
15
15
|
cert_chain: []
|
|
16
|
-
date: 2017-03
|
|
16
|
+
date: 2017-04-03 00:00:00.000000000 Z
|
|
17
17
|
dependencies:
|
|
18
18
|
- !ruby/object:Gem::Dependency
|
|
19
19
|
name: bundler
|
|
@@ -206,6 +206,7 @@ files:
|
|
|
206
206
|
- lib/nexpose/vuln_exception.rb
|
|
207
207
|
- lib/nexpose/wait.rb
|
|
208
208
|
- lib/nexpose/web_credentials.rb
|
|
209
|
+
- nexpose-5.3.3.gem
|
|
209
210
|
- nexpose.gemspec
|
|
210
211
|
homepage: https://github.com/rapid7/nexpose-client
|
|
211
212
|
licenses:
|