nexposecli 0.2.7 → 0.2.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/bin/nexposecli +126 -31
- data/lib/nexposecli/args.rb +19 -0
- data/lib/nexposecli/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d2600f716f565ba39880a04fac81dcfbf020da2f
|
|
4
|
+
data.tar.gz: 42100610ee2c841a9228f2d030605a27544f9dfa
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 29a4f6751333290493c6c9f85fd86316978df295bb089b90347c20dc3dc79c9092e8ea40b2e82b8422990ae1fd370595e124599becf28d1c552d95eefcc1bff2
|
|
7
|
+
data.tar.gz: 454045409cc51ec66e798f893c16ba0895699e704f69f4fad1c418864fd74d1a955e85c5c147ffcba5c10438bc70a8aeefe8d8ddb139229605503f3ad44b5583
|
data/bin/nexposecli
CHANGED
|
@@ -37,8 +37,11 @@ require 'pp'
|
|
|
37
37
|
# Set default var values
|
|
38
38
|
$nxport = 3780
|
|
39
39
|
$debug = false
|
|
40
|
+
$filteradd = false
|
|
40
41
|
$format = 'default'
|
|
41
42
|
$dryrun = false
|
|
43
|
+
$norun = false
|
|
44
|
+
$nodload = false
|
|
42
45
|
$multitenant = false
|
|
43
46
|
uf_scanners = ''
|
|
44
47
|
|
|
@@ -290,6 +293,9 @@ if args.scanpath
|
|
|
290
293
|
end
|
|
291
294
|
|
|
292
295
|
$debug = TRUE if args.verbose
|
|
296
|
+
$norun = TRUE if args.norun
|
|
297
|
+
$nodload = TRUE if args.nodload
|
|
298
|
+
$filteradd = TRUE if args.filteradd
|
|
293
299
|
$multitenant = TRUE if args.silo
|
|
294
300
|
$dryrun = TRUE if args.dryrun
|
|
295
301
|
uputs("CLI", "Command-line verbosity mode is #{$debug.to_s}")
|
|
@@ -315,8 +321,10 @@ uputs("CLI", "Checking for the requested action")
|
|
|
315
321
|
@action |= 32 if args.run
|
|
316
322
|
@action |= 64 if args.sync
|
|
317
323
|
@action |= 128 if args.copy
|
|
324
|
+
@action |= 256 if args.download
|
|
325
|
+
@action |= 512 if args.status
|
|
318
326
|
uputs("ACTION", "The requested action value is: #{@action.to_s}")
|
|
319
|
-
raise "You can only submit one action per task, see --help (action submitted: #{@action.to_s})" unless [1,2,4,8,16,32,64,128].include?(@action)
|
|
327
|
+
raise "You can only submit one action per task, see --help (action submitted: #{@action.to_s})" unless [1,2,4,8,16,32,64,128,256,512].include?(@action)
|
|
320
328
|
|
|
321
329
|
uputs("TARGET", "Checking for the requested target")
|
|
322
330
|
@target = 0
|
|
@@ -612,6 +620,23 @@ when 2 # TARGET ENGINE
|
|
|
612
620
|
when 16 # delete
|
|
613
621
|
uputs("ACTION", 'delete ENGINE action requested')
|
|
614
622
|
puts 'Not yet implemented'
|
|
623
|
+
when 512 # status
|
|
624
|
+
uputs("ACTION", 'status ENGINE action requested')
|
|
625
|
+
filter = "Name"
|
|
626
|
+
filterv = ".*"
|
|
627
|
+
|
|
628
|
+
if args.filter != nil && args.filterv != nil
|
|
629
|
+
filter = "#{args.filter}"
|
|
630
|
+
filterv = "#{args.filterv}"
|
|
631
|
+
end
|
|
632
|
+
engines = @nsc.engine_versions
|
|
633
|
+
puts '%25s' % "Name" + ' ' + '%10s' % "Status" + ' ' + '%10s' % "Version" + ' ' + '%25s' % "Last Product Update ID" + ' ' + '%25s' % "Last Content Update ID"
|
|
634
|
+
engines.each do |engine|
|
|
635
|
+
if engine[filter].match(filterv)
|
|
636
|
+
upp engine
|
|
637
|
+
puts '%25s' % engine["Name"] + ' ' + '%10s' % engine["Status"] + ' ' + '%10s' % engine["Version"] + ' ' + '%25s' % engine["Last Product Update ID"] + ' ' + '%25s' % engine["Last Content Update ID"]
|
|
638
|
+
end
|
|
639
|
+
end
|
|
615
640
|
else
|
|
616
641
|
uputs("ACTION", 'The action requested is not implemented for target')
|
|
617
642
|
puts 'The action requested is not implemented for target'
|
|
@@ -674,9 +699,25 @@ when 8 # TARGET SCAN
|
|
|
674
699
|
when 1 # create
|
|
675
700
|
uputs("SCAN", 'create SCAN action requested')
|
|
676
701
|
unless (
|
|
677
|
-
args.id != nil && ( args.range || args.targets )
|
|
702
|
+
(args.id != nil && ( args.range || args.targets )) || args.id != nil
|
|
678
703
|
)
|
|
679
|
-
raise 'Please supply the site id and ip range, or targets to scan, see --help'
|
|
704
|
+
raise 'Please supply the site id OR the site id and ip range, or targets to scan, see --help'
|
|
705
|
+
end
|
|
706
|
+
|
|
707
|
+
if ( args.range == nil && args.targets == nil )
|
|
708
|
+
# Site Scan only
|
|
709
|
+
uputs("SCAN", "SCAN action requested for Site Id[#{args.id}]")
|
|
710
|
+
site = Nexpose::Site.load(@nsc, args.id.to_i)
|
|
711
|
+
puts 'The SCAN action requested will be submitted'
|
|
712
|
+
begin
|
|
713
|
+
scan = site.scan(@nsc)
|
|
714
|
+
rescue Nexpose::APIError => e
|
|
715
|
+
STDERR.puts "ERROR [ For Site Id[#{args.id}] #{e.to_s} ]"
|
|
716
|
+
exit(-1)
|
|
717
|
+
end
|
|
718
|
+
puts "The SCAN action requested has been submitted, and is running using: Site Id[#{args.id}] Scan Id[#{scan.id}] Scan Engine/Pool Id[#{scan.id}]"
|
|
719
|
+
upp scan
|
|
720
|
+
exit(0)
|
|
680
721
|
end
|
|
681
722
|
|
|
682
723
|
# CLI args for scan task attempts and sleep interval
|
|
@@ -1395,55 +1436,86 @@ when 32 # TARGET ASSET
|
|
|
1395
1436
|
end
|
|
1396
1437
|
when 64 # TARGET REPORT
|
|
1397
1438
|
case @action
|
|
1398
|
-
when 1 # create
|
|
1439
|
+
when 1, 32 # create and run
|
|
1399
1440
|
uputs("ACTION", 'create REPORT action requested')
|
|
1441
|
+
if args.name == nil
|
|
1442
|
+
args.name = "Default Report Name"
|
|
1443
|
+
end
|
|
1444
|
+
if (args.id != nil) || (args.template != nil)
|
|
1445
|
+
report_config = nil
|
|
1446
|
+
if args.id != nil
|
|
1447
|
+
report_config = Nexpose::ReportConfig.load(@nsc, args.id)
|
|
1448
|
+
upp report_config
|
|
1449
|
+
elsif args.template != nil
|
|
1450
|
+
report_config = Nexpose::ReportConfig.new(args.name, args.template, args.format, -1)
|
|
1451
|
+
begin
|
|
1452
|
+
report_config.save(@nsc, false)
|
|
1453
|
+
rescue Nexpose::APIError => e
|
|
1454
|
+
uputs("REPORT", "An error occurred while attempting to create the report config: #{e.to_s}")
|
|
1455
|
+
STDERR.puts "ERROR [ " + e.to_s + " ]"
|
|
1456
|
+
exit(-1)
|
|
1457
|
+
end
|
|
1458
|
+
end
|
|
1400
1459
|
|
|
1401
|
-
|
|
1402
|
-
|
|
1403
|
-
|
|
1404
|
-
|
|
1405
|
-
|
|
1406
|
-
|
|
1460
|
+
unless $filteradd
|
|
1461
|
+
report_config.filters.delete_if do |filter|
|
|
1462
|
+
# if filter.type == "device"
|
|
1463
|
+
if ["device","site","group"].include?(filter.type)
|
|
1464
|
+
upp filter
|
|
1465
|
+
true
|
|
1466
|
+
end
|
|
1407
1467
|
end
|
|
1468
|
+
uputs("DEBUG", 'report_config.filters post device filter deletion')
|
|
1408
1469
|
end
|
|
1409
|
-
uputs("DEBUG", 'report_config.filters post device filter deletion')
|
|
1410
1470
|
upp(report_config.filters)
|
|
1411
1471
|
|
|
1472
|
+
if args.filter && args.filterv
|
|
1473
|
+
uputs("DEBUG", "report_config.filters #{args.filter} : #{args.filterv} ")
|
|
1474
|
+
report_config.add_filter(args.filter.to_s, args.filterv.to_i)
|
|
1475
|
+
end
|
|
1412
1476
|
if (args.host != nil)
|
|
1413
1477
|
# EJG pass site id through...
|
|
1414
1478
|
device = @nsc.find_device_by_address( args.host, args.site)
|
|
1415
1479
|
if (device != nil)
|
|
1416
|
-
report_config.id = -1
|
|
1480
|
+
# report_config.id = -1
|
|
1417
1481
|
scan_asset_device_id = device.id.to_i
|
|
1418
|
-
report_config.name = "
|
|
1482
|
+
report_config.name = "#{args.name}: " + args.host.to_s + " (" + Time.now.strftime("%Y%m%d%H%M%S") + ")"
|
|
1419
1483
|
report_config.add_filter('device', scan_asset_device_id)
|
|
1420
1484
|
report_config.save(@nsc)
|
|
1421
1485
|
else
|
|
1422
1486
|
puts "Device Id is nil. No match found for ip: " + args.host.to_s + "\n"
|
|
1423
1487
|
end
|
|
1424
1488
|
else
|
|
1425
|
-
report_config.name = "
|
|
1426
|
-
|
|
1427
|
-
|
|
1428
|
-
|
|
1429
|
-
|
|
1430
|
-
|
|
1431
|
-
|
|
1432
|
-
|
|
1433
|
-
|
|
1434
|
-
|
|
1435
|
-
|
|
1489
|
+
report_config.name = "#{args.name} (" + Time.now.strftime("%Y%m%d%H%M%S") + ")"
|
|
1490
|
+
report_config.save(@nsc)
|
|
1491
|
+
end
|
|
1492
|
+
|
|
1493
|
+
unless $norun
|
|
1494
|
+
puts "- Running the report now...\n"
|
|
1495
|
+
report_run = report_config.generate(@nsc)
|
|
1496
|
+
puts "- Report job has been submitted.\n"
|
|
1497
|
+
|
|
1498
|
+
unless $nodload
|
|
1499
|
+
# check for report run status
|
|
1500
|
+
report_summary = @nsc.last_report(report_config.id)
|
|
1501
|
+
while report_summary.status != "Generated"
|
|
1502
|
+
puts "- Sleeping... " + report_summary.status.to_s + "\n"
|
|
1503
|
+
sleep(2)
|
|
1504
|
+
report_summary = @nsc.last_report(report_config.id)
|
|
1505
|
+
end
|
|
1506
|
+
end
|
|
1436
1507
|
end
|
|
1437
|
-
# pp report_summary
|
|
1438
1508
|
|
|
1439
|
-
|
|
1440
|
-
|
|
1509
|
+
unless $norun || $nodload
|
|
1510
|
+
puts "---\n- Report Id: " + report_config.id.to_s + " \n"
|
|
1511
|
+
puts "---\n- The report can be found via:\n https://#{@nsc_server}:3780" + report_summary.uri.to_s + "\n"
|
|
1441
1512
|
|
|
1442
|
-
|
|
1443
|
-
|
|
1444
|
-
|
|
1513
|
+
report_filename = report_summary.uri.split('/').last
|
|
1514
|
+
if (args.name != nil)
|
|
1515
|
+
report_filename.sub! 'Document', "#{args.name}"
|
|
1516
|
+
end
|
|
1517
|
+
download("https://#{@nsc_server}:3780" + report_summary.uri.to_s, "./#{Time.now.strftime("%Y%m%d_%H%M%S_")}#{report_filename}", @nsc)
|
|
1445
1518
|
end
|
|
1446
|
-
download("https://#{@nsc_server}:3780" + report_summary.uri.to_s, "./#{Time.now.strftime("%Y%m%d_%H%M%S_")}#{report_filename}", @nsc)
|
|
1447
1519
|
end
|
|
1448
1520
|
|
|
1449
1521
|
when 2 # list
|
|
@@ -1463,6 +1535,29 @@ when 64 # TARGET REPORT
|
|
|
1463
1535
|
when 16 # delete
|
|
1464
1536
|
uputs("ACTION", 'delete REPORT action requested')
|
|
1465
1537
|
puts 'Not yet implemented'
|
|
1538
|
+
when 256 # download
|
|
1539
|
+
uputs("ACTION", 'download REPORT action requested')
|
|
1540
|
+
# check for report run status
|
|
1541
|
+
report_summary = @nsc.last_report(args.id.to_i)
|
|
1542
|
+
upp report_summary
|
|
1543
|
+
while report_summary.status != "Generated"
|
|
1544
|
+
puts "- Sleeping... " + report_summary.status.to_s + "\n"
|
|
1545
|
+
sleep(2)
|
|
1546
|
+
report_summary = @nsc.last_report(args.id.to_i)
|
|
1547
|
+
end
|
|
1548
|
+
|
|
1549
|
+
puts "---\n- Report Id: " + args.id.to_s + " \n"
|
|
1550
|
+
puts "---\n- The report can be found via:\n https://#{@nsc_server}:3780" + report_summary.uri.to_s + "\n"
|
|
1551
|
+
|
|
1552
|
+
report_filename = report_summary.uri.split('/').last
|
|
1553
|
+
if (args.name != nil)
|
|
1554
|
+
report_filename.sub! 'Document', "#{args.name}"
|
|
1555
|
+
end
|
|
1556
|
+
download("https://#{@nsc_server}:3780" + report_summary.uri.to_s, "./generated#{report_summary.generated_on}_#{report_filename}", @nsc)
|
|
1557
|
+
when 512 # status
|
|
1558
|
+
uputs("ACTION", 'status REPORT action requested')
|
|
1559
|
+
report_summary = @nsc.last_report(args.id.to_i)
|
|
1560
|
+
puts "The report status for report config id[#{args.id}] is: #{report_summary.status}"
|
|
1466
1561
|
else
|
|
1467
1562
|
uputs("ACTION", 'The action requested is not implemented for target')
|
|
1468
1563
|
puts 'The action requested is not implemented for target'
|
data/lib/nexposecli/args.rb
CHANGED
|
@@ -15,9 +15,21 @@ module Nexposecli
|
|
|
15
15
|
short : v
|
|
16
16
|
desc : Run verbosely
|
|
17
17
|
|
|
18
|
+
- name : filteradd
|
|
19
|
+
desc : Filter mode default is FALSE for replace, if TRUE add
|
|
20
|
+
|
|
18
21
|
- name : dryrun
|
|
19
22
|
desc : Dry run mode, do not commit to Console
|
|
20
23
|
|
|
24
|
+
- name : norun
|
|
25
|
+
desc : Do not execute or generate the object affected
|
|
26
|
+
|
|
27
|
+
- name : nodload
|
|
28
|
+
desc : Do not download the object affected
|
|
29
|
+
|
|
30
|
+
- name : download
|
|
31
|
+
desc : Download the generated Report locally, into the current directory
|
|
32
|
+
|
|
21
33
|
- comment : EVM Administrative Actions
|
|
22
34
|
|
|
23
35
|
- name : create
|
|
@@ -35,6 +47,9 @@ module Nexposecli
|
|
|
35
47
|
short : s
|
|
36
48
|
desc : The show action is used to display details of a single object
|
|
37
49
|
|
|
50
|
+
- name : status
|
|
51
|
+
desc : The status action is used to display the status of a single object
|
|
52
|
+
|
|
38
53
|
- name : update
|
|
39
54
|
short : u
|
|
40
55
|
desc : The update action is used to change properties of a single object
|
|
@@ -207,6 +222,10 @@ module Nexposecli
|
|
|
207
222
|
desc : The desired format of the output, default, csv
|
|
208
223
|
required : true
|
|
209
224
|
|
|
225
|
+
- name : format
|
|
226
|
+
desc : The desired format of the report, default is csv
|
|
227
|
+
required : true
|
|
228
|
+
|
|
210
229
|
- name : filter
|
|
211
230
|
short : f
|
|
212
231
|
desc : Filters which are applied to the action, in the form key:value pairs
|
data/lib/nexposecli/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nexposecli
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Erik Gomez
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2017-03-
|
|
12
|
+
date: 2017-03-22 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: nexpose
|