nexpose_tpam 1.0.1-java

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: ecd3795f84d26052a44a0f963791a1e7b3ff3f86
+  data.tar.gz: eb3684ad1aebb67e934e260f17a7925e97b2e766
+SHA512:
+  metadata.gz: c03ceda6a52c156933a1cc14ef45605b5877b40f7f4f5866ebfd8eb61b984437af50e2c7823328b1d610f128dec845f1f70b531538542d86e191e80ddf6b97f9
+  data.tar.gz: ba3baba8c708e762f68035df4f891be7ca84f98a876308be532dc0f63afe678c5963a0f998f2fc08b502ffa1abad620b52aff5be27674c72d2fada69d500fecb

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2015 Quest Dystrybucja Sp. z o.o.
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/bin/nx_tpam.rb

@@ -0,0 +1,35 @@
+#!/usr/bin/env ruby
+require 'nexpose_tpam'
+
+# ---- TPAM Configuration ---- #
+# TPAM IP Address
+achost = '192.168.25.111'
+# TPAM username
+acuser = 'Rapid7'
+# TPAM key
+ackey = 'id_dsa'
+# TPAM system with domain definition
+acldap = 'QUEST-LAB_AD'
+# ---- End TPAM Configuration ---- #
+
+# ---- Nexpose Configuration ---- #
+# Nexpose IP Address
+nxip = '192.168.25.222'
+# Nexpose username
+nxuser = 'nxadmin'
+# Nexpose password
+nxpasswd = 'nxpassword'
+# Sites to process credentials, separated by commas, ie: [3, 4, 6]
+sites = [ 1 ]
+# Start scans?
+# This setting will start scans on those sites, wait for the site to complete and then remove the credentials
+# If you prefer to let the scans run on schedule, set this to false, otherwise set to true.
+start_scans = true
+# ---- End Nexpose Configuration ---- #
+
+# --- DO NOT EDIT BELOW THIS LINE --- #
+tpam_options = { :achost => achost, :acuser => acuser, :ackey => ackey, :acldap => acldap }
+nexpose_options = { :nxip => nxip, :nxuser => nxuser, :nxpassword => nxpasswd, :sites => sites }
+
+NexposeTpam::PPM.update_credentials(tpam_options, nexpose_options)
+NexposeTpam::PPM.start_scans(nexpose_options) if start_scans

data/lib/nexpose_tpam.rb

@@ -0,0 +1,47 @@
+require_relative "nexpose_tpam/version"
+require_relative "nexpose_tpam/tpam_ops"
+require_relative "nexpose_tpam/nexpose_ops"
+
+module NexposeTpam
+  module PPM
+    def self.update_credentials(tpam_options, nexpose_options = nil)
+      @nx = Ops::Nexpose.new(nexpose_options[:nxip], nexpose_options[:nxuser], nexpose_options[:nxpassword])
+      nexpose_options[:sites].each do |site_id|
+        # Get name for site
+        site_credentials = []
+        site_ips = @nx.get_ips_from_site(site_id)
+        site_ips.each do |asset|
+          host = ''
+          host = asset.host if asset.is_a?(HostName)
+          host = asset.from if asset.is_a?(IPRange)
+          tpam_options[:range_scenario] = false
+          if asset.is_a?(IPRange) then tpam_options[:range_scenario] = true unless asset.from.nil? end
+          tpam_options[:object] = host
+          #get password
+          asset_data = ComEdmzApi::Tpam.retrievePassword(tpam_options)
+          host = nil if tpam_options[:range_scenario]
+          unless asset_data[:password].nil?
+            credential = Credential.for_service(asset_data[:os], asset_data[:user], asset_data, nil, host)
+            site_credentials.push(credential)
+          end
+        end
+        # Save site
+        @nx.save_site(site_id, site_credentials)
+      end
+    end
+    def self.start_scans(nexpose_options = nil)
+      @nx = Ops::Nexpose.new(nexpose_options[:nxip], nexpose_options[:nxuser], nexpose_options[:nxpassword])
+      nexpose_options[:sites].each do |site_id|
+        puts "Starting scan #{site_id}"
+        scan = @nx.start_scan(site_id)
+        begin
+          sleep(30)
+          status = @nx.scan_status(scan.id)
+          puts "Waiting for scan #{scan.id} to finish"
+        end while status == Scan::Status::RUNNING
+        puts "Deleting creds for #{site_id}"
+        @nx.delete_site_credentials(site_id)
+      end
+    end
+  end
+end

data/lib/nexpose_tpam/nexpose_ops.rb

@@ -0,0 +1,45 @@
+require 'nexpose'
+include Nexpose
+module Ops
+  class Nexpose
+    attr_accessor :nsc
+    def initialize(nxip, nxuser, nxpasword)
+      @nsc = Connection.new(nxip, nxuser, nxpasword)
+      @nsc.login
+    end
+
+    def get_ips_from_site(site_id)
+      site = Site.load(@nsc, site_id)
+      site.assets
+    end
+
+    def get_name_from_site(site_id)
+      site = Site.load(@nsc, site_id)
+      site.name
+    end
+
+    def save_site(site_id, credentials)
+      site = Site.load(@nsc, site_id)
+      site.credentials = credentials
+      site.save(@nsc)
+    end
+
+    def delete_site_credentials(site_id)
+      site = Site.load(@nsc, site_id)
+      #site.site_credentials = []
+      #site.shared_credentials = []
+      site.credentials = []
+      site.save(@nsc)
+    end
+
+    def start_scan(site_id)
+      site = Site.load(@nsc, site_id)
+      puts "Name: #{site.name}"
+      site.scan(@nsc)
+    end
+
+    def scan_status(scan_id)
+      @nsc.scan_status(scan_id)
+    end
+  end
+end

data/lib/nexpose_tpam/tpam_ops.rb

@@ -0,0 +1,102 @@
+require 'java'
+require_relative 'lib/java/commons-logging-1.1.1.jar'
+require_relative 'lib/java/edmz-par-api.jar'
+require_relative 'lib/java/j2ssh-core-0.2.9.jar'
+
+module ComEdmzApi
+  include_package "com.edmz.api"
+
+  java_import java.io.FileInputStream
+  java_import java.io.IOException
+  java_import java.io.PrintWriter
+  java_import java.io.StringWriter
+  java_import java.lang.InterruptedException
+  java_import java.util.ArrayList
+  java_import java.util.Iterator
+  java_import java.util.List
+  java_import java.util.Properties
+
+  java_import org.apache.commons.logging.Log
+  java_import org.apache.commons.logging.LogFactory
+
+  java_import com.edmz.api.bo.CodeMessageResult
+  java_import com.edmz.api.bo.EDMZSystem
+  java_import com.edmz.api.bo.ListResult
+
+  java_import com.edmz.api.filters.AccountFilter
+  java_import com.edmz.api.filters.SystemFilter
+
+  java_import com.sshtools.j2ssh.session.SessionChannelClient
+  java_import com.sshtools.j2ssh.transport.publickey.InvalidSshKeyException
+  java_import com.sshtools.j2ssh.util.InvalidStateException
+
+  class Tpam
+    def self.retrievePassword(tpam_options = {})
+
+      asset_data = {}
+      ac = ComEdmzApi::APIClient.new
+
+      begin
+        ac.connect(tpam_options[:achost])
+        ac.authenticate(tpam_options[:ackey], tpam_options[:acuser])
+      rescue InvalidSshKeyException, IOException => e
+        puts "#{e.message}"
+      end
+
+      begin
+        scc = ComEdmzApi::SessionChannelClient.new
+        scc = ac.createSessionChannel
+        acl = ComEdmzApi::APICommandLib.new(scc)
+
+        sf = ComEdmzApi::SystemFilter.new
+        puts "tpam_options[:object] = #{tpam_options[:object]}"
+        if tpam_options[:range_scenario] == true then
+          sf.networkAddress = tpam_options[:object]
+        else
+          sf.systemName = tpam_options[:object]
+        end
+        #sf.systemName = tpam_options[:system]
+
+        edmzs = []
+        lr = ComEdmzApi::ListResult.new
+        acl.listSystems(sf, lr, edmzs)
+
+        if ((lr.returnCode == 0) && (lr.rowCount == 1))
+          puts "retriving password"
+          if edmzs[0].getPlatformName.downcase.include? 'windows'
+            asset_data[:os] = 'cifs'
+          else
+            asset_data[:os] = 'ssh'
+          end
+          asset_data[:system] = edmzs[0].getSystemName
+          asset_data[:host] = edmzs[0].getNetworkAddress
+          if edmzs[0].getDomainFunctionalAccount.to_s == ''
+            asset_data[:user] = edmzs[0].getFunctionalAccount
+            asset_data[:domain] = ''
+          else
+            asset_data[:user] = edmzs[0].getDomainFunctionalAccount.split('\\').last
+            asset_data[:domain] = edmzs[0].getDomainFunctionalAccount.split('\\').first
+          end
+
+          scc = ac.createSessionChannel
+          acl = ComEdmzApi::APICommandLib.new(scc)
+          res = ComEdmzApi::CodeMessageResult.new
+
+          if asset_data[:domain].to_s == ''
+            acl.retrievePassword(asset_data[:system], asset_data[:user], "", "", res)
+          else
+            acl.retrievePassword(tpam_options[:acldap], asset_data[:user], "", "", res)
+          end
+
+          asset_data[:password] = res.getMessage
+        end
+
+      rescue IOException, InvalidStateException, InterruptedException => e
+        puts "#{e.message}"
+      ensure
+        ac.disconnect
+      end
+      asset_data
+    end
+  end
+end

data/lib/nexpose_tpam/version.rb

@@ -0,0 +1,3 @@
+module NexposeTpam
+  VERSION = "1.0.1"
+end

metadata

@@ -0,0 +1,111 @@
+--- !ruby/object:Gem::Specification
+name: nexpose_tpam
+version: !ruby/object:Gem::Version
+  version: 1.0.1
+platform: java
+authors:
+- Quest Dystrybucja Sp. z o.o.
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2015-09-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  prerelease: false
+  type: :development
+- !ruby/object:Gem::Dependency
+  name: rake
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  prerelease: false
+  type: :development
+- !ruby/object:Gem::Dependency
+  name: rspec
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.1'
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.1'
+  prerelease: false
+  type: :development
+- !ruby/object:Gem::Dependency
+  name: nexpose
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.6.0
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.6.0
+  prerelease: false
+  type: :runtime
+description: Nexpose TPAM integration provides credentials for authenticated scans in Nexpose.
+email:
+- info@quest-pol.com.pl
+executables:
+- nx_tpam.rb
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE.txt
+- TPAM-Nexpose - Integration Guide.pdf
+- bin/nx_tpam.rb
+- lib/nexpose_tpam.rb
+- lib/nexpose_tpam/lib/java/commons-logging-1.1.1.jar
+- lib/nexpose_tpam/lib/java/edmz-par-api.jar
+- lib/nexpose_tpam/lib/java/j2ssh-core-0.2.9.jar
+- lib/nexpose_tpam/nexpose_ops.rb
+- lib/nexpose_tpam/tpam_ops.rb
+- lib/nexpose_tpam/version.rb
+homepage: http://quest-pol.com.pl
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.5
+signing_key:
+specification_version: 4
+summary: Nexpose TPAM integration.
+test_files: []