nexposecli 0.2.7 → 0.2.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/nexposecli +126 -31
- data/lib/nexposecli/args.rb +19 -0
- data/lib/nexposecli/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d2600f716f565ba39880a04fac81dcfbf020da2f
|
|
4
|
+
data.tar.gz: 42100610ee2c841a9228f2d030605a27544f9dfa
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 29a4f6751333290493c6c9f85fd86316978df295bb089b90347c20dc3dc79c9092e8ea40b2e82b8422990ae1fd370595e124599becf28d1c552d95eefcc1bff2
|
|
7
|
+
data.tar.gz: 454045409cc51ec66e798f893c16ba0895699e704f69f4fad1c418864fd74d1a955e85c5c147ffcba5c10438bc70a8aeefe8d8ddb139229605503f3ad44b5583
|
data/bin/nexposecli
CHANGED
|
@@ -37,8 +37,11 @@ require 'pp'
|
|
|
37
37
|
# Set default var values
|
|
38
38
|
$nxport = 3780
|
|
39
39
|
$debug = false
|
|
40
|
+
$filteradd = false
|
|
40
41
|
$format = 'default'
|
|
41
42
|
$dryrun = false
|
|
43
|
+
$norun = false
|
|
44
|
+
$nodload = false
|
|
42
45
|
$multitenant = false
|
|
43
46
|
uf_scanners = ''
|
|
44
47
|
|
|
@@ -290,6 +293,9 @@ if args.scanpath
|
|
|
290
293
|
end
|
|
291
294
|
|
|
292
295
|
$debug = TRUE if args.verbose
|
|
296
|
+
$norun = TRUE if args.norun
|
|
297
|
+
$nodload = TRUE if args.nodload
|
|
298
|
+
$filteradd = TRUE if args.filteradd
|
|
293
299
|
$multitenant = TRUE if args.silo
|
|
294
300
|
$dryrun = TRUE if args.dryrun
|
|
295
301
|
uputs("CLI", "Command-line verbosity mode is #{$debug.to_s}")
|
|
@@ -315,8 +321,10 @@ uputs("CLI", "Checking for the requested action")
|
|
|
315
321
|
@action |= 32 if args.run
|
|
316
322
|
@action |= 64 if args.sync
|
|
317
323
|
@action |= 128 if args.copy
|
|
324
|
+
@action |= 256 if args.download
|
|
325
|
+
@action |= 512 if args.status
|
|
318
326
|
uputs("ACTION", "The requested action value is: #{@action.to_s}")
|
|
319
|
-
raise "You can only submit one action per task, see --help (action submitted: #{@action.to_s})" unless [1,2,4,8,16,32,64,128].include?(@action)
|
|
327
|
+
raise "You can only submit one action per task, see --help (action submitted: #{@action.to_s})" unless [1,2,4,8,16,32,64,128,256,512].include?(@action)
|
|
320
328
|
|
|
321
329
|
uputs("TARGET", "Checking for the requested target")
|
|
322
330
|
@target = 0
|
|
@@ -612,6 +620,23 @@ when 2 # TARGET ENGINE
|
|
|
612
620
|
when 16 # delete
|
|
613
621
|
uputs("ACTION", 'delete ENGINE action requested')
|
|
614
622
|
puts 'Not yet implemented'
|
|
623
|
+
when 512 # status
|
|
624
|
+
uputs("ACTION", 'status ENGINE action requested')
|
|
625
|
+
filter = "Name"
|
|
626
|
+
filterv = ".*"
|
|
627
|
+
|
|
628
|
+
if args.filter != nil && args.filterv != nil
|
|
629
|
+
filter = "#{args.filter}"
|
|
630
|
+
filterv = "#{args.filterv}"
|
|
631
|
+
end
|
|
632
|
+
engines = @nsc.engine_versions
|
|
633
|
+
puts '%25s' % "Name" + ' ' + '%10s' % "Status" + ' ' + '%10s' % "Version" + ' ' + '%25s' % "Last Product Update ID" + ' ' + '%25s' % "Last Content Update ID"
|
|
634
|
+
engines.each do |engine|
|
|
635
|
+
if engine[filter].match(filterv)
|
|
636
|
+
upp engine
|
|
637
|
+
puts '%25s' % engine["Name"] + ' ' + '%10s' % engine["Status"] + ' ' + '%10s' % engine["Version"] + ' ' + '%25s' % engine["Last Product Update ID"] + ' ' + '%25s' % engine["Last Content Update ID"]
|
|
638
|
+
end
|
|
639
|
+
end
|
|
615
640
|
else
|
|
616
641
|
uputs("ACTION", 'The action requested is not implemented for target')
|
|
617
642
|
puts 'The action requested is not implemented for target'
|
|
@@ -674,9 +699,25 @@ when 8 # TARGET SCAN
|
|
|
674
699
|
when 1 # create
|
|
675
700
|
uputs("SCAN", 'create SCAN action requested')
|
|
676
701
|
unless (
|
|
677
|
-
args.id != nil && ( args.range || args.targets )
|
|
702
|
+
(args.id != nil && ( args.range || args.targets )) || args.id != nil
|
|
678
703
|
)
|
|
679
|
-
raise 'Please supply the site id and ip range, or targets to scan, see --help'
|
|
704
|
+
raise 'Please supply the site id OR the site id and ip range, or targets to scan, see --help'
|
|
705
|
+
end
|
|
706
|
+
|
|
707
|
+
if ( args.range == nil && args.targets == nil )
|
|
708
|
+
# Site Scan only
|
|
709
|
+
uputs("SCAN", "SCAN action requested for Site Id[#{args.id}]")
|
|
710
|
+
site = Nexpose::Site.load(@nsc, args.id.to_i)
|
|
711
|
+
puts 'The SCAN action requested will be submitted'
|
|
712
|
+
begin
|
|
713
|
+
scan = site.scan(@nsc)
|
|
714
|
+
rescue Nexpose::APIError => e
|
|
715
|
+
STDERR.puts "ERROR [ For Site Id[#{args.id}] #{e.to_s} ]"
|
|
716
|
+
exit(-1)
|
|
717
|
+
end
|
|
718
|
+
puts "The SCAN action requested has been submitted, and is running using: Site Id[#{args.id}] Scan Id[#{scan.id}] Scan Engine/Pool Id[#{scan.id}]"
|
|
719
|
+
upp scan
|
|
720
|
+
exit(0)
|
|
680
721
|
end
|
|
681
722
|
|
|
682
723
|
# CLI args for scan task attempts and sleep interval
|
|
@@ -1395,55 +1436,86 @@ when 32 # TARGET ASSET
|
|
|
1395
1436
|
end
|
|
1396
1437
|
when 64 # TARGET REPORT
|
|
1397
1438
|
case @action
|
|
1398
|
-
when 1 # create
|
|
1439
|
+
when 1, 32 # create and run
|
|
1399
1440
|
uputs("ACTION", 'create REPORT action requested')
|
|
1441
|
+
if args.name == nil
|
|
1442
|
+
args.name = "Default Report Name"
|
|
1443
|
+
end
|
|
1444
|
+
if (args.id != nil) || (args.template != nil)
|
|
1445
|
+
report_config = nil
|
|
1446
|
+
if args.id != nil
|
|
1447
|
+
report_config = Nexpose::ReportConfig.load(@nsc, args.id)
|
|
1448
|
+
upp report_config
|
|
1449
|
+
elsif args.template != nil
|
|
1450
|
+
report_config = Nexpose::ReportConfig.new(args.name, args.template, args.format, -1)
|
|
1451
|
+
begin
|
|
1452
|
+
report_config.save(@nsc, false)
|
|
1453
|
+
rescue Nexpose::APIError => e
|
|
1454
|
+
uputs("REPORT", "An error occurred while attempting to create the report config: #{e.to_s}")
|
|
1455
|
+
STDERR.puts "ERROR [ " + e.to_s + " ]"
|
|
1456
|
+
exit(-1)
|
|
1457
|
+
end
|
|
1458
|
+
end
|
|
1400
1459
|
|
|
1401
|
-
|
|
1402
|
-
|
|
1403
|
-
|
|
1404
|
-
|
|
1405
|
-
|
|
1406
|
-
|
|
1460
|
+
unless $filteradd
|
|
1461
|
+
report_config.filters.delete_if do |filter|
|
|
1462
|
+
# if filter.type == "device"
|
|
1463
|
+
if ["device","site","group"].include?(filter.type)
|
|
1464
|
+
upp filter
|
|
1465
|
+
true
|
|
1466
|
+
end
|
|
1407
1467
|
end
|
|
1468
|
+
uputs("DEBUG", 'report_config.filters post device filter deletion')
|
|
1408
1469
|
end
|
|
1409
|
-
uputs("DEBUG", 'report_config.filters post device filter deletion')
|
|
1410
1470
|
upp(report_config.filters)
|
|
1411
1471
|
|
|
1472
|
+
if args.filter && args.filterv
|
|
1473
|
+
uputs("DEBUG", "report_config.filters #{args.filter} : #{args.filterv} ")
|
|
1474
|
+
report_config.add_filter(args.filter.to_s, args.filterv.to_i)
|
|
1475
|
+
end
|
|
1412
1476
|
if (args.host != nil)
|
|
1413
1477
|
# EJG pass site id through...
|
|
1414
1478
|
device = @nsc.find_device_by_address( args.host, args.site)
|
|
1415
1479
|
if (device != nil)
|
|
1416
|
-
report_config.id = -1
|
|
1480
|
+
# report_config.id = -1
|
|
1417
1481
|
scan_asset_device_id = device.id.to_i
|
|
1418
|
-
report_config.name = "
|
|
1482
|
+
report_config.name = "#{args.name}: " + args.host.to_s + " (" + Time.now.strftime("%Y%m%d%H%M%S") + ")"
|
|
1419
1483
|
report_config.add_filter('device', scan_asset_device_id)
|
|
1420
1484
|
report_config.save(@nsc)
|
|
1421
1485
|
else
|
|
1422
1486
|
puts "Device Id is nil. No match found for ip: " + args.host.to_s + "\n"
|
|
1423
1487
|
end
|
|
1424
1488
|
else
|
|
1425
|
-
report_config.name = "
|
|
1426
|
-
|
|
1427
|
-
|
|
1428
|
-
|
|
1429
|
-
|
|
1430
|
-
|
|
1431
|
-
|
|
1432
|
-
|
|
1433
|
-
|
|
1434
|
-
|
|
1435
|
-
|
|
1489
|
+
report_config.name = "#{args.name} (" + Time.now.strftime("%Y%m%d%H%M%S") + ")"
|
|
1490
|
+
report_config.save(@nsc)
|
|
1491
|
+
end
|
|
1492
|
+
|
|
1493
|
+
unless $norun
|
|
1494
|
+
puts "- Running the report now...\n"
|
|
1495
|
+
report_run = report_config.generate(@nsc)
|
|
1496
|
+
puts "- Report job has been submitted.\n"
|
|
1497
|
+
|
|
1498
|
+
unless $nodload
|
|
1499
|
+
# check for report run status
|
|
1500
|
+
report_summary = @nsc.last_report(report_config.id)
|
|
1501
|
+
while report_summary.status != "Generated"
|
|
1502
|
+
puts "- Sleeping... " + report_summary.status.to_s + "\n"
|
|
1503
|
+
sleep(2)
|
|
1504
|
+
report_summary = @nsc.last_report(report_config.id)
|
|
1505
|
+
end
|
|
1506
|
+
end
|
|
1436
1507
|
end
|
|
1437
|
-
# pp report_summary
|
|
1438
1508
|
|
|
1439
|
-
|
|
1440
|
-
|
|
1509
|
+
unless $norun || $nodload
|
|
1510
|
+
puts "---\n- Report Id: " + report_config.id.to_s + " \n"
|
|
1511
|
+
puts "---\n- The report can be found via:\n https://#{@nsc_server}:3780" + report_summary.uri.to_s + "\n"
|
|
1441
1512
|
|
|
1442
|
-
|
|
1443
|
-
|
|
1444
|
-
|
|
1513
|
+
report_filename = report_summary.uri.split('/').last
|
|
1514
|
+
if (args.name != nil)
|
|
1515
|
+
report_filename.sub! 'Document', "#{args.name}"
|
|
1516
|
+
end
|
|
1517
|
+
download("https://#{@nsc_server}:3780" + report_summary.uri.to_s, "./#{Time.now.strftime("%Y%m%d_%H%M%S_")}#{report_filename}", @nsc)
|
|
1445
1518
|
end
|
|
1446
|
-
download("https://#{@nsc_server}:3780" + report_summary.uri.to_s, "./#{Time.now.strftime("%Y%m%d_%H%M%S_")}#{report_filename}", @nsc)
|
|
1447
1519
|
end
|
|
1448
1520
|
|
|
1449
1521
|
when 2 # list
|
|
@@ -1463,6 +1535,29 @@ when 64 # TARGET REPORT
|
|
|
1463
1535
|
when 16 # delete
|
|
1464
1536
|
uputs("ACTION", 'delete REPORT action requested')
|
|
1465
1537
|
puts 'Not yet implemented'
|
|
1538
|
+
when 256 # download
|
|
1539
|
+
uputs("ACTION", 'download REPORT action requested')
|
|
1540
|
+
# check for report run status
|
|
1541
|
+
report_summary = @nsc.last_report(args.id.to_i)
|
|
1542
|
+
upp report_summary
|
|
1543
|
+
while report_summary.status != "Generated"
|
|
1544
|
+
puts "- Sleeping... " + report_summary.status.to_s + "\n"
|
|
1545
|
+
sleep(2)
|
|
1546
|
+
report_summary = @nsc.last_report(args.id.to_i)
|
|
1547
|
+
end
|
|
1548
|
+
|
|
1549
|
+
puts "---\n- Report Id: " + args.id.to_s + " \n"
|
|
1550
|
+
puts "---\n- The report can be found via:\n https://#{@nsc_server}:3780" + report_summary.uri.to_s + "\n"
|
|
1551
|
+
|
|
1552
|
+
report_filename = report_summary.uri.split('/').last
|
|
1553
|
+
if (args.name != nil)
|
|
1554
|
+
report_filename.sub! 'Document', "#{args.name}"
|
|
1555
|
+
end
|
|
1556
|
+
download("https://#{@nsc_server}:3780" + report_summary.uri.to_s, "./generated#{report_summary.generated_on}_#{report_filename}", @nsc)
|
|
1557
|
+
when 512 # status
|
|
1558
|
+
uputs("ACTION", 'status REPORT action requested')
|
|
1559
|
+
report_summary = @nsc.last_report(args.id.to_i)
|
|
1560
|
+
puts "The report status for report config id[#{args.id}] is: #{report_summary.status}"
|
|
1466
1561
|
else
|
|
1467
1562
|
uputs("ACTION", 'The action requested is not implemented for target')
|
|
1468
1563
|
puts 'The action requested is not implemented for target'
|
data/lib/nexposecli/args.rb
CHANGED
|
@@ -15,9 +15,21 @@ module Nexposecli
|
|
|
15
15
|
short : v
|
|
16
16
|
desc : Run verbosely
|
|
17
17
|
|
|
18
|
+
- name : filteradd
|
|
19
|
+
desc : Filter mode default is FALSE for replace, if TRUE add
|
|
20
|
+
|
|
18
21
|
- name : dryrun
|
|
19
22
|
desc : Dry run mode, do not commit to Console
|
|
20
23
|
|
|
24
|
+
- name : norun
|
|
25
|
+
desc : Do not execute or generate the object affected
|
|
26
|
+
|
|
27
|
+
- name : nodload
|
|
28
|
+
desc : Do not download the object affected
|
|
29
|
+
|
|
30
|
+
- name : download
|
|
31
|
+
desc : Download the generated Report locally, into the current directory
|
|
32
|
+
|
|
21
33
|
- comment : EVM Administrative Actions
|
|
22
34
|
|
|
23
35
|
- name : create
|
|
@@ -35,6 +47,9 @@ module Nexposecli
|
|
|
35
47
|
short : s
|
|
36
48
|
desc : The show action is used to display details of a single object
|
|
37
49
|
|
|
50
|
+
- name : status
|
|
51
|
+
desc : The status action is used to display the status of a single object
|
|
52
|
+
|
|
38
53
|
- name : update
|
|
39
54
|
short : u
|
|
40
55
|
desc : The update action is used to change properties of a single object
|
|
@@ -207,6 +222,10 @@ module Nexposecli
|
|
|
207
222
|
desc : The desired format of the output, default, csv
|
|
208
223
|
required : true
|
|
209
224
|
|
|
225
|
+
- name : format
|
|
226
|
+
desc : The desired format of the report, default is csv
|
|
227
|
+
required : true
|
|
228
|
+
|
|
210
229
|
- name : filter
|
|
211
230
|
short : f
|
|
212
231
|
desc : Filters which are applied to the action, in the form key:value pairs
|
data/lib/nexposecli/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nexposecli
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Erik Gomez
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2017-03-
|
|
12
|
+
date: 2017-03-22 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: nexpose
|