nexpose_servicenow 0.4.15 → 0.4.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -13
- data/lib/nexpose_servicenow.rb +2 -2
- data/lib/nexpose_servicenow/historical_data.rb +42 -8
- data/lib/nexpose_servicenow/queries.rb +5 -5
- data/lib/nexpose_servicenow/version.rb +1 -1
- metadata +11 -11
checksums.yaml
CHANGED
|
@@ -1,15 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
|
|
5
|
-
data.tar.gz: !binary |-
|
|
6
|
-
NmEyMjJjOGM2YmUzZGRmYThhZGMzNGI5MWFjNGNkMmU3MzYxMjc4Mg==
|
|
2
|
+
SHA1:
|
|
3
|
+
metadata.gz: 069e970f4c54d280fa516be42dd68b28d7759eca
|
|
4
|
+
data.tar.gz: 335ecf4c273e1e2f95a109d9b50a17e881576714
|
|
7
5
|
SHA512:
|
|
8
|
-
metadata.gz:
|
|
9
|
-
|
|
10
|
-
NmJmNGMzYzEzODRkNGI5YTk2ZTJjNTA0NTFjODRlM2E2NjZjZDkyNzZmYjhl
|
|
11
|
-
MTEwZWRhOWFiZjI0ZTQzZGI5ODZjYzZlZDAzY2U4ZTdlMTI3ZDM=
|
|
12
|
-
data.tar.gz: !binary |-
|
|
13
|
-
Y2ZiZTllNWM2ZDgyM2IwOWRkM2RmY2MwNDQ0NjE5NTI3ODM2YzQ2MGZkYzMw
|
|
14
|
-
M2U0YzdhNGQ4MzI4Mjg2MWM3NjVjOTYxZjI0MjJhOGJhNzkyMmEwOTI3ZjE2
|
|
15
|
-
NzUxNjg1YjgxMjAwODZiZjVjMDVmODI1Mjc2NjQ0MjIzZDc4MmQ=
|
|
6
|
+
metadata.gz: c7a070f0f11759224e8230ee419d0f955ae2b9e048c1b51ed619cfd23e3e6a424a85024a224e87a1cfb4688c042ea74c71ec2972a0a5359e8de89335f7a862c8
|
|
7
|
+
data.tar.gz: 38d9dc74e024bc2744f32bdd0a6188f8d1ec6ef13cda9d42e816134e9d911132c8919290b9063da36786b7ed162b944df699167de2d8f446bc241968886dc3d2
|
data/lib/nexpose_servicenow.rb
CHANGED
|
@@ -61,6 +61,8 @@ module NexposeServiceNow
|
|
|
61
61
|
return unless options[:mode] == "latest_scans"
|
|
62
62
|
historical_data = HistoricalData.new(options)
|
|
63
63
|
historical_data.update_last_scan_data
|
|
64
|
+
|
|
65
|
+
historical_data.save_vuln_timestamp(filter_sites(options))
|
|
64
66
|
end
|
|
65
67
|
|
|
66
68
|
#Create a report if explicitly required or else an existing
|
|
@@ -90,8 +92,6 @@ module NexposeServiceNow
|
|
|
90
92
|
options[:output_dir],
|
|
91
93
|
query_options)
|
|
92
94
|
|
|
93
|
-
hist_data.create_last_vuln_data(start_time, sites_to_scan) if vuln_query
|
|
94
|
-
|
|
95
95
|
#A single String may be returned or an Array of Strings
|
|
96
96
|
if filename.class.to_s == "Array"
|
|
97
97
|
filename.map! { |f| File.expand_path(options[:output_dir], f) }
|
|
@@ -3,17 +3,21 @@ require_relative './nx_logger'
|
|
|
3
3
|
|
|
4
4
|
module NexposeServiceNow
|
|
5
5
|
class HistoricalData
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
6
|
+
REPORT_FILE = "Nexpose-ServiceNow-latest_scans.csv"
|
|
7
|
+
STORED_FILE = "last_scan_data.csv"
|
|
8
|
+
TIMESTAMP_FILE = "last_vuln_run.csv"
|
|
9
|
+
NEW_TIMESTAMP_FILE = "new_vuln_timestamp.csv"
|
|
9
10
|
|
|
10
11
|
def initialize(options)
|
|
11
|
-
|
|
12
|
+
local_dir = File.expand_path(options[:output_dir])
|
|
12
13
|
@ids = options[:nexpose_ids]
|
|
13
14
|
|
|
14
|
-
@local_file = File.join(
|
|
15
|
-
@remote_file = File.join(
|
|
16
|
-
|
|
15
|
+
@local_file = File.join(local_dir, STORED_FILE)
|
|
16
|
+
@remote_file = File.join(local_dir, REPORT_FILE)
|
|
17
|
+
|
|
18
|
+
# File containing the timestamp used in vulnerability queries
|
|
19
|
+
@timestamp_file = File.join(local_dir, TIMESTAMP_FILE)
|
|
20
|
+
@prev_timestamp_file = File.join(local_dir, NEW_TIMESTAMP_FILE)
|
|
17
21
|
|
|
18
22
|
@log = NexposeServiceNow::NxLogger.instance
|
|
19
23
|
@log.log_message "Retrieving environment variables."
|
|
@@ -136,17 +140,47 @@ module NexposeServiceNow
|
|
|
136
140
|
end
|
|
137
141
|
end
|
|
138
142
|
|
|
143
|
+
|
|
144
|
+
#insert sites?
|
|
145
|
+
def save_vuln_timestamp(sites=[])
|
|
146
|
+
start_time = Time.new
|
|
147
|
+
|
|
148
|
+
#Read timestamp from new timestamp file (substitute base time)
|
|
149
|
+
if File.exist? @prev_timestamp_file
|
|
150
|
+
file = File.expand_path(@prev_timestamp_file)
|
|
151
|
+
csv = CSV.open(file, headers:true)
|
|
152
|
+
line = csv.readline
|
|
153
|
+
last_run = line['Last Scan Time']
|
|
154
|
+
last_sites = line['Sites']
|
|
155
|
+
csv.close
|
|
156
|
+
|
|
157
|
+
File.delete(file)
|
|
158
|
+
end
|
|
159
|
+
|
|
160
|
+
last_run ||= Time.new(1985)
|
|
161
|
+
last_sites ||= []
|
|
162
|
+
last_run = last_run.strftime("%Y-%m-%d") if last_run.class.to_s == 'Time'
|
|
163
|
+
create_last_vuln_data(last_run, last_sites)
|
|
164
|
+
|
|
165
|
+
file = File.expand_path(@prev_timestamp_file)
|
|
166
|
+
CSV.open(file, 'w') do |csv|
|
|
167
|
+
csv << ['Last Scan Time', 'Sites']
|
|
168
|
+
csv << [start_time.strftime("%Y-%m-%d"), sites.join(',')]
|
|
169
|
+
end
|
|
170
|
+
end
|
|
171
|
+
|
|
139
172
|
def create_last_vuln_data(time=nil, sites=[])
|
|
140
173
|
@log.log_message 'Creating last vulnerability scan time file.'
|
|
141
174
|
|
|
142
175
|
time ||= Time.new(1985)
|
|
143
176
|
time = time.strftime("%Y-%m-%d") if time.class.to_s == 'Time'
|
|
177
|
+
sites = sites.join(',') if sites.class.to_s == 'Array'
|
|
144
178
|
|
|
145
179
|
file = File.expand_path(@timestamp_file)
|
|
146
180
|
|
|
147
181
|
CSV.open(file, 'w') do |csv|
|
|
148
182
|
csv << ['Last Scan Time', 'Sites']
|
|
149
|
-
csv << [time, sites
|
|
183
|
+
csv << [time, sites]
|
|
150
184
|
end
|
|
151
185
|
end
|
|
152
186
|
|
|
@@ -122,11 +122,11 @@ module NexposeServiceNow
|
|
|
122
122
|
end
|
|
123
123
|
|
|
124
124
|
def self.software_instance(options={})
|
|
125
|
-
"SELECT asset_id as Nexpose_ID, coalesce(da.host_name, CAST(da.asset_id as text)) as Installed_On, ds.name, ds.
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
125
|
+
"SELECT asset_id as Nexpose_ID, coalesce(da.host_name, CAST(da.asset_id as text)) as Installed_On, ds.name, ds.Family, ds.Vendor, ds.version, ds.cpe
|
|
126
|
+
FROM fact_asset_scan_software
|
|
127
|
+
LEFT OUTER JOIN (SELECT software_id, name as Name, vendor as Vendor, family as Family, version, cpe FROM dim_software) ds USING (software_id)
|
|
128
|
+
LEFT OUTER JOIN (SELECT asset_id, host_name FROM dim_asset) da USING (asset_id)
|
|
129
|
+
WHERE scan_id = lastScan(asset_id)"
|
|
130
130
|
end
|
|
131
131
|
|
|
132
132
|
def self.service_instance(options={})
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nexpose_servicenow
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.16
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- David Valente
|
|
@@ -9,48 +9,48 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2016-
|
|
12
|
+
date: 2016-07-19 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: bundler
|
|
16
16
|
requirement: !ruby/object:Gem::Requirement
|
|
17
17
|
requirements:
|
|
18
|
-
- - ~>
|
|
18
|
+
- - "~>"
|
|
19
19
|
- !ruby/object:Gem::Version
|
|
20
20
|
version: '1.11'
|
|
21
21
|
type: :development
|
|
22
22
|
prerelease: false
|
|
23
23
|
version_requirements: !ruby/object:Gem::Requirement
|
|
24
24
|
requirements:
|
|
25
|
-
- - ~>
|
|
25
|
+
- - "~>"
|
|
26
26
|
- !ruby/object:Gem::Version
|
|
27
27
|
version: '1.11'
|
|
28
28
|
- !ruby/object:Gem::Dependency
|
|
29
29
|
name: rake
|
|
30
30
|
requirement: !ruby/object:Gem::Requirement
|
|
31
31
|
requirements:
|
|
32
|
-
- - ~>
|
|
32
|
+
- - "~>"
|
|
33
33
|
- !ruby/object:Gem::Version
|
|
34
34
|
version: '10.0'
|
|
35
35
|
type: :development
|
|
36
36
|
prerelease: false
|
|
37
37
|
version_requirements: !ruby/object:Gem::Requirement
|
|
38
38
|
requirements:
|
|
39
|
-
- - ~>
|
|
39
|
+
- - "~>"
|
|
40
40
|
- !ruby/object:Gem::Version
|
|
41
41
|
version: '10.0'
|
|
42
42
|
- !ruby/object:Gem::Dependency
|
|
43
43
|
name: nexpose
|
|
44
44
|
requirement: !ruby/object:Gem::Requirement
|
|
45
45
|
requirements:
|
|
46
|
-
- - ~>
|
|
46
|
+
- - "~>"
|
|
47
47
|
- !ruby/object:Gem::Version
|
|
48
48
|
version: '3.2'
|
|
49
49
|
type: :runtime
|
|
50
50
|
prerelease: false
|
|
51
51
|
version_requirements: !ruby/object:Gem::Requirement
|
|
52
52
|
requirements:
|
|
53
|
-
- - ~>
|
|
53
|
+
- - "~>"
|
|
54
54
|
- !ruby/object:Gem::Version
|
|
55
55
|
version: '3.2'
|
|
56
56
|
description: Provides an interface to Nexpose for the Rapid7 ServiceNow MarketPlace
|
|
@@ -88,17 +88,17 @@ require_paths:
|
|
|
88
88
|
- lib
|
|
89
89
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
90
90
|
requirements:
|
|
91
|
-
- -
|
|
91
|
+
- - ">="
|
|
92
92
|
- !ruby/object:Gem::Version
|
|
93
93
|
version: '0'
|
|
94
94
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
95
95
|
requirements:
|
|
96
|
-
- -
|
|
96
|
+
- - ">="
|
|
97
97
|
- !ruby/object:Gem::Version
|
|
98
98
|
version: '0'
|
|
99
99
|
requirements: []
|
|
100
100
|
rubyforge_project:
|
|
101
|
-
rubygems_version: 2.
|
|
101
|
+
rubygems_version: 2.4.8
|
|
102
102
|
signing_key:
|
|
103
103
|
specification_version: 4
|
|
104
104
|
summary: Gem for Nexpose-ServiceNow marketplace application integration. Requires
|