nexposecli 0.2.2 → 0.2.5
- checksums.yaml +4 -4
- data/bin/nexposecli +48 -10
- data/lib/nexposecli/args.rb +4 -0
- data/lib/nexposecli/version.rb +1 -1
- data/nexposecli.gemspec +1 -1
- metadata +3 -10
- data/bin/nexposecli.test +0 -15
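--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 71e0ff1d5349522c0af200b465da46429d4790b6
+data.tar.gz: e9d0d3467cfc8bcaafeb034f7f7484ba8f2cae71
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 50fab0be43a770c53be083afa71490014dacb1f56ea88ce4b70d858ee9ef7652597c222fa0b5127ca284a3bbcfe9926a2a02c21163546ded47daa0ac197c31be
+data.tar.gz: 9ea66667ba4f8522a72b9d685fc304b910be87277d8d605173da204c74abd0b4d51ed340cbcbdb6c7b93905ecbc519f069d6708eea9afd15a77c7dbf1652f4eb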
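--- a/data/bin/nexposecli
+++ b/data/bin/nexposecli
@@ -56,7 +56,7 @@ max_scan_task_attempts = 3
 def uputs( facility, ulog )
 # add string validation
 @logger.info( @nsc_server + "," + @evm_reqid + " [" + facility.to_s + "] " + ulog.to_s)
-if $debug
+if $debug || (facility.to_s == "BAIL")
 puts "[" + facility.to_s + "]" + ulog.to_s
 end
 end
@@ -415,24 +415,44 @@ when 1 # TARGET USER
 puts "The user: #{user.name} was created with id: #{user.id}"
 uputs("USER", "New user created: #{user.name} (id:#{user.id})")
 upp user
-when 2 # list
+when 2, 4 # list, show
 uputs("ACTION", 'list USER action requested')
 user_listing = @nsc.list_users
 puts "Users:"
-puts " - " + '%-6.6s' % 'Admin?' + " " + '%-15.15s' % 'Username' + " " + '%-25.25s' % 'Full Name' + " " + '%-30.30s' % 'Email' + " " + '%-25.25s' % "Role" + "\tAuth Module:Source"
+puts " - " + '%-5.5s' % 'Id' + " " + '%-6.6s' % 'Admin?' + " " + '%-15.15s' % 'Username' + " " + '%-25.25s' % 'Full Name' + " " + '%-30.30s' % 'Email' + " " + '%-25.25s' % "Role" + "\tAuth Module:Source"
 user_listing.each do |user|
 role = Nexpose::User.load(@nsc, user.id).role_name
-
+if (@action == 4) && (!args.id.to_str.eql? user.name.to_s)
+next
+end
+puts " - " + '%-5.5s' % user.id + " " + '%-6.6s' % user.is_admin.to_s + " " + '%-15.15s' % user.name + " " + '%-25.25s' % user.full_name + " " + '%-30.30s' % user.email + " " + '%-25.25s' % role + "\t#{user.auth_module}:#{user.auth_source}"
 end
 upp user_listing
-when 4 # show
-uputs("ACTION", 'show USER action requested')
-userid = args.id.to_str
-user = Nexpose::User.load(@nsc, userid)
-pp user
+# when 4 # show
+# uputs("ACTION", 'show USER action requested')
+# userid = args.id.to_str
+# user = Nexpose::User.load(@nsc, userid)
+# pp user
 when 8 # update
 uputs("ACTION", 'update USER action requested')
-
+userid = args.id.to_str
+user = Nexpose::User.load(@nsc, userid)
+if args.authsrc
+user.authsrcid = args.authsrc
+user.password = nil
+end
+if args.password
+user.password = "#{args.password}"
+end
+
+# Begin User save attempt
+begin
+user.save(@nsc)
+rescue Nexpose::APIError => e
+STDERR.puts "ERROR [ #{e.to_s} ]"
+exit(-1)
+end
+puts "User #{user.name} has been updated. Run a --show --USER --id <id> to confirm."
 when 16 # delete
 uputs("ACTION", 'delete USER action requested')
 puts 'Not yet implemented'
@@ -912,6 +932,16 @@ when 8 # TARGET SCAN
 end
 when 2 # list
 uputs("SCAN", 'list SCAN action requested')
+# EJG
+scans = @nsc.past_scans(args.id.to_i)
+puts "Requested: nsc.past_scans(#{args.id}), but past scans length is: #{scans.length}"
+puts "Past Scans:"
+scans.each do |scan|
+puts " - " + '%-6.6s' % scan.id + " " + '%-15.15s' % scan.engine_name + " " + '%-30.30s' % scan.end_time + " " + '%-25.25s' % scan.status
+end
+exit(0)
+
+# EJG
 scan_activity = scan_activity()
 upp scan_activity
 if scan_activity.length > 0
@@ -1640,6 +1670,14 @@ when 16384 # TARGET QUERY
 sql_config = Nexpose::AdhocReportConfig.new(nil, 'sql')
 sql_config.add_filter('version', '2.0.1')
 sql_config.add_filter('query', sql)
+# EJG
+if args.filter
+if ['site','group','device','scan','vuln-categories','vuln-severity','vuln-status'].include?(args.filter)
+sql_config.add_filter(args.filter, args.filterv)
+else
+ubail(-1, "The report filter type passed is not valid")
+end
+end
 
 if args.timeout
 rpt_to = args.timeout.to_int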
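--- a/data/lib/nexposecli/args.rb
+++ b/data/lib/nexposecli/args.rb
@@ -118,6 +118,10 @@ module Nexposecli
 desc : The target port to be acted upon by the action
 required : true
 
+- name : password
+desc : The target password
+required : true
+
 - name : authsrc
 desc : The target authsrc id
 required : true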
data/lib/nexposecli/version.rb
CHANGED
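--- a/data/nexposecli.gemspec
+++ b/data/nexposecli.gemspec
@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
 spec.require_paths = ["lib"]
 
 spec.required_ruby_version = '>= 2.1'
-spec.add_runtime_dependency "nexpose", '
+spec.add_runtime_dependency "nexpose", '>= 4.0.4'
 spec.add_runtime_dependency "netaddr", '~> 1.5', '>= 1.5.1'
 spec.add_runtime_dependency "net-ldap", '~> 0.14', '>= 0.14.0'
 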
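Review bot: The new constraint `'>= 4.0.4'` on `nexpose` has no upper bound, so any future major release of that gem satisfies it and will be resolved for this CLI without having been tested against it. The old line is cut off on this page, but the metadata section of the same diff shows a `~> 4.0` requirement being dropped. Because bin/nexposecli calls the nexpose API directly (`Nexpose::User.load`, `Nexpose::AdhocReportConfig`), I would keep a pessimistic bound in the style of the two neighbouring dependencies, e.g. `spec.add_runtime_dependency "nexpose", '~> 4.0', '>= 4.0.4'`, and widen it deliberately once a newer major has been checked. The `Gem::Specification.new` block starts and ends outside the hunk.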
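--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nexposecli
 version: !ruby/object:Gem::Version
-version: 0.2.
+version: 0.2.5
 platform: ruby
 authors:
 - Erik Gomez
@@ -9,15 +9,12 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-
+date: 2016-10-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: nexpose
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '4.0'
 - - ">="
 - !ruby/object:Gem::Version
 version: 4.0.4
@@ -25,9 +22,6 @@ dependencies:
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: '4.0'
 - - ">="
 - !ruby/object:Gem::Version
 version: 4.0.4
@@ -131,7 +125,6 @@ files:
 - Rakefile
 - bin/console
 - bin/nexposecli
-- bin/nexposecli.test
 - bin/setup
 - lib/nexposecli.rb
 - lib/nexposecli/argparse.rb
@@ -163,7 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.6.6
 signing_key:
 specification_version: 4
 summary: Ruby command-line utility for Rapid7 Nexpose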
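--- a/data/bin/nexposecli.test
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/usr/bin/env ruby
-
-require 'nexposecli'
-
-# chatter = Nexposecli::Chatter.new
-# chatter.say_hello
-
-# nxclass = Nexposecli::Target.const_get("Role")
-nxclass = Nexposecli::Target.const_get("#{ARGV[0]}")
-
-puts nxclass.new.list
-puts "and again but via const_get for method"
-puts nxclass.new.method("list").call("me")
-puts nxclass.new.method("list").call
-puts nxclass.new.method("list").call("Sarah")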