rhessus 0.0.1

data/History.txt

@@ -0,0 +1,6 @@
+=== 1.0.0 / 2009-07-28
+
+* 1 major enhancement
+
+  * Birthday!
+

data/Manifest.txt

@@ -0,0 +1,8 @@
+.autotest
+History.txt
+Manifest.txt
+README.txt
+Rakefile
+bin/rhessus
+lib/rhessus.rb
+test/test_rhessus.rb

data/README.txt

@@ -0,0 +1,50 @@
+= rhessus
+
+* FIX (url)
+
+== DESCRIPTION:
+
+FIX (describe your package)
+
+== FEATURES/PROBLEMS:
+
+* FIX (list of features or problems)
+
+== SYNOPSIS:
+
+  FIX (code sample of usage)
+
+== REQUIREMENTS:
+
+* FIX (list of requirements)
+
+== INSTALL:
+
+* FIX (sudo gem install, anything else)
+
+== LICENSE:
+
+(The MIT License)
+
+Copyright (c) 2009 FIX
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+

data/Rakefile

@@ -0,0 +1,12 @@
+# -*- ruby -*-
+
+require 'rubygems'
+require 'hoe'
+
+Hoe.spec 'rhessus' do
+  # developer('FIX', 'FIX@example.com')
+
+  # self.rubyforge_name = 'rhessusx' # if different than 'rhessus'
+end
+
+# vim: syntax=ruby

data/bin/rhessus

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+
+require 'rubygems'
+require 'rhessus'
+require 'daemons'
+
+Rhessus.init
+
+Daemons.run_proc('rhessus') do  
+  loop do
+    if Rhessus.system_load_ok? 
+      puts "Attemping to get connection..."
+      Rhessus::ScanRunner.checkout.fire!
+    end
+    sleep(5)
+  end
+end

data/lib/connections/scan.rb

@@ -0,0 +1,39 @@
+require 'rubygems'
+require 'activeresource'
+module Rhessus
+  class Scan < ActiveResource::Base
+    self.site = ""
+    class << self
+      def checkout
+        new.tap do |x|
+          begin
+            x.load(format.decode(post(:checkout).body))
+            puts self
+            x.should_fire = true
+          rescue Exception => e
+	    puts e
+            x.should_fire = false
+          end
+        end
+      end
+    end
+    
+    def checkin(result_string)
+      self.results = ::Rhessus.parse_results(result_string)
+      puts "Attemping to checkin"
+      post(:checkin) 
+    end
+    
+    def failure
+      post(:failure)
+    end
+    
+    def should_fire?
+      @should_fire
+    end
+    
+    def should_fire=(x)
+      @should_fire = x
+    end
+  end
+end

data/lib/rhessus.rb

@@ -0,0 +1,82 @@
+require File.join 'connections', 'scan'
+require 'optparse'
+require 'fastercsv'
+require 'scan_runner'
+module Rhessus
+  VERSION = '0.1.0'
+  class << self
+    # returns the information necessary to start a scan
+    # nessus path, -T nbe -q host name password
+    def scanner
+      return @scanner if @scanner
+      exe = @nessus || `which nessus`.chomp
+      exe = '/opt/nessus/bin/nessus ' if exe == ""
+      options = " -T nbe -q "
+      login   = " #{@host || 'localhost'} #{@port || 1241} #{@username} #{@password} "
+      @scanner = exe + options + login
+    end
+    
+    def parse_results(res)
+      puts "Attempting Parse"
+      res.split("\n").collect {|x| 
+        r = x.split("|")
+      }.select{|x| x[0] == "results"}.
+        collect do |result|
+          {:ip => result[2],
+            :port => result[3],
+            :plugin_id => result[4],
+            :severity  => (case result[5] 
+            when "Security Note"
+              0
+            when "Security Warning"
+              1
+            when "Security Hole"
+              2
+            end),
+            :details => result[6]
+          }
+        end
+    end
+    
+    # Parse the options
+    def init
+      @host = 'localhost'
+      @username = 'admin'
+      @password = 'password'
+      OptionParser.new do |opts|
+        opts.on('-h', '--host [HOST]', 
+          "The host running the scanner (default localhost)") do |h|
+            @host = h
+          end
+        opts.on('-u', '--username USER',
+          "The username on the nessus scanner") do |u|
+            @username = u
+          end
+        opts.on('-p', '--password PASS',
+          "The password for the scanner") do |p|
+            @password = p
+          end
+        opts.on('-o', '--port [PORT]',
+          "The port of the nessus scanner (default 1241)") do |p|
+            @port = p
+          end
+        opts.on('-s', '--site SITE', "Site to push uploads (incl. http://)") do |s|
+            ::Rhessus::Scan.site = s
+          end
+        opts.on('-n', '--nessus NESSUS', "Nessus executable (unneeded if in path)") do |n|
+          @nessus = n
+        end
+        opts.on('-H', '--help', "Show this message") do |h|
+          puts opts
+          exit
+        end
+      end.parse!
+    end
+    
+    # If can locate the average 5 minute load of the system
+    # and that load is below .6 or the user-defined threshold, returns true
+    def system_load_ok?
+      true
+    end
+  end
+end

data/lib/scan_runner.rb

@@ -0,0 +1,69 @@
+require 'tempfile'
+module Rhessus
+  # Encapulates scan targetting and running
+  class ScanRunner < Scan
+    self.element_name = "scan"
+    # waits until it can safely get a fork, then initiates a new scan at its target
+    # The forked process attempts to notify the central authority upon being killed that
+    # the scan was a failure
+    def fire!
+      # safely get a fork and fire the scan
+      return nil unless should_fire?
+      tryagain = true
+      pid = nil
+      @path = lock(self.targets)
+      while tryagain
+        begin
+          if pid = fork(&self)
+            tryagain = false
+          end
+        rescue Errno::EWOULDBLOCK
+          sleep 5
+          tryagain = true
+        end
+      end
+      Process.detach(pid)
+    end
+    
+    # The procedure that should be executed when the scan actually runs, 
+    # including signal handling
+    def to_proc
+      if should_fire?
+        Proc.new do
+	  puts "Attempting to fire scan... #{scan_string}"
+	  puts "#{::Rhessus.scanner}"
+          begin
+            Signal.trap("KILL") do 
+              self.failure
+              exit
+            end
+            Signal.trap("TERM") do 
+              self.failure
+              exit
+            end
+          checkin(system(::Rhessus.scanner + scan_string) && File.read(@results))
+          rescue
+            self.failure
+            exit
+          end
+        end
+      else
+        Proc.new { nil }
+      end
+    end
+    
+    # Creates a tempfile containing the scans
+    def lock(targets)
+      @results = Tempfile.new("rhessus-scan-#{self.id}-results").path
+      (Tempfile.new("rhessus-scan-#{self.id}-targets").tap do |x|
+        x.puts targets
+        x.flush
+      end).path
+    end
+    
+    # the second half of the scanner's data (after host, login, password)
+    def scan_string
+      " #{@path} #{@results}"
+    end
+  end
+end

data/rhessus.gemspec

@@ -0,0 +1,15 @@
+spec = Gem::Specification.new do |s|
+  s.author = "Alex Bartlow"
+  s.name   = "rhessus"
+  s.version = "0.0.1"
+  s.summary = "Ruby Wrapper for Nessus"
+  s.description = "Allows scans to be pulled from central repositories"
+  s.require_path = 'lib'
+  s.has_rdoc = false
+  s.email = "bartlowa@gmail.com"
+  s.homepage = "http://alexbarlow.com"
+  s.files = Dir['**/*'] - [__FILE__]
+  s.executable = "rhessus"
+  s.add_dependency('activeresource', '>= 2.3.2')
+  s.add_dependency('daemons')
+end

metadata

@@ -0,0 +1,83 @@
+--- !ruby/object:Gem::Specification 
+name: rhessus
+version: !ruby/object:Gem::Version 
+  version: 0.0.1
+platform: ruby
+authors: 
+- Alex Bartlow
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-02-08 00:00:00 -05:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: activeresource
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 2.3.2
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: daemons
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+description: Allows scans to be pulled from central repositories
+email: bartlowa@gmail.com
+executables: 
+- rhessus
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- bin/rhessus
+- History.txt
+- lib/connections/scan.rb
+- lib/rhessus.rb
+- lib/scan_runner.rb
+- Manifest.txt
+- Rakefile
+- README.txt
+- rhessus-0.0.1.gem
+- rhessus.gemspec
+has_rdoc: true
+homepage: http://alexbarlow.com
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: Ruby Wrapper for Nessus
+test_files: []
+