ruby-nessus 0.1.4 → 1.0.0

data/lib/ruby-nessus/event.rb

@@ -1,87 +0,0 @@
-require 'ruby-nessus/port'
-
-module Nessus
-  class Event
-    # Event
-    attr_reader :event
-
-    # Return the total event count for a given host.
-    # @return [Integer]
-    #   Return the total event count for a given host.
-    # @example
-    #   host.event_count #=> 3456
-    def initialize(event)
-      @event = event
-    end
-
-    # Return the event port.
-    # @return [Object]
-    #    Return the event port object or port string.
-    # @example
-    #   event.port            #=> "https (443/tcp)"
-    #   event.port.number     #=> 443
-    #   event.port.service    #=> "https"
-    #   event.port.protocol   #=> "tcp"
-    def port
-      @port ||= Port.parse(@event.at('port').inner_text)
-    end
-
-    # Return the event severity.
-    # @return [String]
-    #    Return the event severity.
-    # @example
-    #   event.severity          #=> 3
-    #   event.severity.in_words #=> "High Severity"
-    # @see String#in_words
-    def severity
-      @severity ||= @event.at('severity').inner_text.to_i
-    end
-
-    # Return the event object nessus plugin id
-    # @return [String]
-    #    Return the event object nessus plugin id
-    # @example
-    #   event.plugin_id #=> 3245
-    def plugin_id
-      @plugin_id ||= @event.at('pluginID').inner_text.to_i
-    end
-
-    # Return the event name (plugin_name)
-    # @return [String]
-    #    Return the event name (plugin_name)
-    # @example
-    #   event.plugin_name   #=> "PHP < 5.2.4 Multiple Vulnerabilities"
-    #   event.name          #=> "PHP < 5.2.4 Multiple Vulnerabilities"
-    def plugin_name
-      s = @event.at('pluginName').inner_text
-      
-      @plugin_name ||= unless s.empty?
-                         @event.at('pluginName').inner_text || "N/A"
-                       else
-                         false
-                       end
-
-      return @plugin_name
-    end
-    alias name plugin_name
-
-    # Return the event plugin output data
-    # @return [String]
-    #    Return the event plugin output data
-    # @example
-    #   event.output        #=> "..."
-    #   event.data          #=> "..."
-    def data
-      d = "#{@event.at('data')}" || ""
-    
-      @data ||= unless d.empty?
-                         @event.at('data').inner_text || "N/A"
-                       else
-                         false
-                       end
-      return @data
-    end
-    alias output data
-
-  end
-end

data/lib/ruby-nessus/host.rb

@@ -1,254 +0,0 @@
-module Nessus
-  class Host
-    include Enumerable
-    
-    # Host
-    attr_reader :host
-
-    # Creates A New Host Object
-    # @param [Object] Host Object
-    # @example
-    # Host.new(object)
-    def initialize(host)
-      @host = host
-    end
-
-    # Return the Host Object hostname.
-    # @return [String]
-    #   The Host Object Hostname
-    # @example
-    #   host.hostname #=> "127.0.0.1"
-    def hostname
-      @hostname ||= @host.at('HostName').inner_text
-    end
-
-    # Return the host scan start time.
-    # @return [DateTime]
-    #   The Host Scan Start Time
-    # @example
-    #   scan.scan_start_time #=> 'Fri Nov 11 23:36:54 1985'
-    def scan_start_time
-      if @host.at('startTime').inner_text.blank?
-        return false
-      else
-        @host_scan_time = DateTime.strptime(@host.at('startTime').inner_text, fmt='%a %b %d %H:%M:%S %Y')
-      end
-    end
-
-    # Return the host scan stop time.
-    # @return [DateTime]
-    #   The Host Scan Stop Time
-    # @example
-    #   scan.scan_start_time #=> 'Fri Nov 11 23:36:54 1985'
-    def scan_stop_time
-      if @host.at('stopTime').inner_text.blank?
-        return false
-      else
-        @host_scan_time = DateTime.strptime(@host.at('stopTime').inner_text, fmt='%a %b %d %H:%M:%S %Y')
-      end
-    end
-
-    # Return the host run time.
-    # @return [String]
-    #   The Host Scan Run Time
-    # @example
-    #   scan.scan_run_time #=> '2 hours 5 minutes and 16 seconds'
-    def scan_runtime
-      h = ("#{Time.parse(scan_stop_time.to_s).strftime('%H').to_i - Time.parse(scan_start_time.to_s).strftime('%H').to_i}").gsub('-', '')
-      m = ("#{Time.parse(scan_stop_time.to_s).strftime('%M').to_i - Time.parse(scan_start_time.to_s).strftime('%M').to_i}").gsub('-', '')
-      s = ("#{Time.parse(scan_stop_time.to_s).strftime('%S').to_i - Time.parse(scan_start_time.to_s).strftime('%S').to_i}").gsub('-', '')
-      return "#{h} hours #{m} minutes and #{s} seconds"
-    end
-
-    # Return the Host Netbios Name.
-    # @return [String]
-    #   The Host Netbios Name
-    # @example
-    #   host.netbios_name #=> "SOMENAME4243"
-    def netbios_name
-      @netbios_name ||= @host.at('netbios_name').inner_text
-    end
-
-    # Return the Host Mac Address.
-    # @return [String]
-    #   Return the Host Mac Address
-    # @example
-    #   host.mac_addr #=> "00:11:22:33:44:55"
-    def mac_addr
-      @mac_addr ||= @host.at('mac_addr').inner_text
-    end
-    alias mac_address mac_addr
-
-    # Return the Host DNS Name.
-    # @return [String]
-    #   Return the Host DNS Name
-    # @example
-    #   host.dns_name #=> "snorby.org"
-    def dns_name
-      @dns_name ||= @host.at('dns_name').inner_text
-    end
-
-    # Return the Host OS Name.
-    # @return [String]
-    #   Return the Host OS Name
-    # @example
-    #   host.dns_name #=> "Microsoft Windows 2000, Microsoft Windows Server 2003"
-    def os_name
-      @os_name ||= @host.at('os_name').inner_text
-    end
-    alias operating_system os_name
-
-    # Return the open ports for a given host object.
-    # @return [Integer]
-    #   Return the open ports for a given host object.
-    # @example
-    #   host.open_ports #=> 213
-    def open_ports
-      @scanned_ports ||= @host.at('num_ports').inner_text.to_i
-    end
-
-    # Returns All Informational Event Objects For A Given Host.
-    # @yield [prog] If a block is given, it will be passed the newly
-    #               created Event object.
-    # @yieldparam [EVENT] prog The newly created Event object.
-    # @return [Integer]
-    #   Return The Informational Event Count For A Given Host.
-    # @example
-    #   host.informational_events do |info|
-    #     puts info.port
-    #     puts info.data if info.data
-    #   end
-    def informational_events(&block)
-      unless @informational_events
-        @informational_events = []
-        @informational_event_count = 0
-
-        @host.xpath("ReportItem").each do |event|
-          next if event.at('severity').inner_text.to_i != 0
-          @informational_events << Event.new(event)
-          @informational_event_count += 1
-        end
-
-      end
-
-      @informational_events.each(&block)
-      return @informational_event_count
-    end
-
-    # Returns All Low Event Objects For A Given Host.
-    # @yield [prog] If a block is given, it will be passed the newly
-    #               created Event object.
-    # @yieldparam [EVENT] prog The newly created Event object.
-    # @return [Integer]
-    #   Return The Low Event Count For A Given Host.
-    # @example
-    #   host.low_severity_events do |low|
-    #     puts low.name if low.name
-    #   end
-    def low_severity_events(&block)
-
-      @low_severity_count = @host.at('num_lo').inner_text.to_i
-
-      unless @low_severity_events
-        @low_severity_events = []
-
-        @host.xpath("ReportItem").each do |event|
-          next if event.at('severity').inner_text.to_i != 1
-          @low_severity_events << Event.new(event)
-        end
-
-      end
-
-      @low_severity_events.each(&block)
-      return @low_severity_count
-    end
-
-    # Returns All Medium Event Objects For A Given Host.
-    # @yield [prog] If a block is given, it will be passed the newly
-    #               created Event object.
-    # @yieldparam [EVENT] prog The newly created Event object.
-    # @return [Integer]
-    #   Return The Medium Event Count For A Given Host.
-    # @example
-    #   host.medium_severity_events do |medium|
-    #     puts medium.name if medium.name
-    #   end
-    def medium_severity_events(&block)
-
-      @high_severity_count = @host.at('num_med').inner_text.to_i
-
-      unless @medium_severity_events
-        @medium_severity_events = []
-
-        @host.xpath("ReportItem").each do |event|
-          next if event.at('severity').inner_text.to_i != 2
-          @medium_severity_events << Event.new(event)
-        end
-
-      end
-
-      @medium_severity_events.each(&block)
-      return @high_severity_count
-    end
-
-    # Returns All High Event Objects For A Given Host.
-    # @yield [prog] If a block is given, it will be passed the newly
-    #               created Event object.
-    # @yieldparam [EVENT] prog The newly created Event object.
-    # @return [Integer]
-    #   Return The High Event Count For A Given Host.
-    # @example
-    #   host.high_severity_events do |high|
-    #     puts high.name if high.name
-    #   end
-    def high_severity_events(&block)
-
-      @high_severity_count = @host.at('num_hi').inner_text.to_i
-
-      unless @high_severity_events
-        @high_severity_events = []
-
-        @host.xpath("ReportItem").each do |event|
-          next if event.at('severity').inner_text.to_i != 3
-          @high_severity_events << Event.new(event)
-        end
-
-      end
-
-      @high_severity_events.each(&block)
-      return @high_severity_count
-    end
-
-    # Return the total event count for a given host.
-    # @return [Integer]
-    #   Return the total event count for a given host.
-    # @example
-    #   host.event_count #=> 3456
-    def event_count
-      ((low_severity_events.to_i) + (medium_severity_events.to_i) + (high_severity_events.to_i)).to_i
-    end
-
-    # Creates a new Event object to be parser
-    # @yield [prog] If a block is given, it will be passed the newly
-    #               created Event object.
-    # @yieldparam [EVENT] prog The newly created Event object.
-    # @example
-    #   host.events do |event|
-    #     puts event.name if event.name
-    #     puts event.port
-    #   end
-    def events(&block)
-      @host.xpath("ReportItem").each do |event|
-        block.call(Event.new(event)) if block
-      end
-    end
-
-    # Parses the events of the host.
-    # @return [Array<String>]
-    #   The events of the host.
-    def all_events
-      Enumerator.new(self,:events).to_a
-    end
-
-  end
-end

data/lib/ruby-nessus/port.rb

@@ -1,86 +0,0 @@
-module Nessus
-  class Port
-
-    # Port Service
-    attr_reader :service
-    # Port number
-    attr_reader :number
-    # Port Protocol
-    attr_reader :protocol
-    # Raw output string from nessus
-    attr_reader :raw_string
-
-    # Creates A New Port Object
-    # @param [String] service The Port Service.
-    # @param [Integer] number The Port number.
-    # @param [String] protocol The Port protocol.
-    # @param [String] raw output string from nessus.
-    # @example
-    # Port.new("ssh",22,"tcp", str)
-    def initialize(service,number,protocol,raw_string)
-      @service = service
-      @number = number
-      @protocol = protocol
-      @raw_string = raw_string
-    end
-
-    # Parse A passed port string and return a Port Object.
-    # @return [Object]
-    #   New Port Object
-    # @example
-    #   Port.parse(port)
-    def Port.parse(str)
-      begin
-        @full_port = str
-        components = str.match(/^([^\(]+)\((\d+)\/([^\)]+)\)/)
-
-        if components
-          return Port.new(components[1].strip, components[2].strip, components[3].strip, str)
-        else
-          return Port.new(false, false, false, str)
-        end
-
-      end
-
-    end
-
-    # Return true iF port protocol Ii tcp.
-    # @return [Boolean]
-    #   Return True If The Port Protocol Is TCP.
-    def tcp?
-      @protocol == 'tcp'
-    end
-
-    # Return true iF port protocol Ii udp.
-    # @return [Boolean]
-    #   Return True If The Port Protocol Is UDP.
-    def udp?
-      @protocol == 'udp'
-    end
-
-    # Return the port as a string.
-    # @return [String]
-    #   Return The Port As A String
-    # @example
-    #   port.to_s #=> https (443/tcp)
-    def to_s
-      if @service && @number && @protocol
-        "#{@service} (#{@number}/#{@protocol})"
-      else
-        "#{@raw_string}"
-      end
-    end
-
-    # Return false if the port object number is nil
-    # @return [Boolean]
-    #   Return false if the port object number is nil
-    def number
-      if @number
-        return @number
-      else
-        false
-      end
-    end
-
-  end
-end

data/lib/ruby-nessus/xml.rb

@@ -1,298 +0,0 @@
-require 'ruby-nessus/host'
-require 'ruby-nessus/event'
-
-require 'nokogiri'
-require 'enumerator'
-require 'time'
-
-module Nessus
-  # File to parse
-  attr_reader :file
-
-  class XML
-    
-    include Enumerable
-
-    # Creates a new .Nessus (XML) object to be parser
-    # @param [String] file The Nessus xml results file to parse.
-    # @yield [prog] If a block is given, it will be passed the newly
-    #               created XML object.
-    # @yieldparam [XML] prog The newly created XML object.
-    # @example
-    #   Nessus::XML.new(nessus_scan_file) do |scan|
-    #     scan.report_name
-    #   end
-    def initialize(file, &block)
-
-      @file = File.open(file)
-      @xml = Nokogiri::XML.parse(@file.read)
-
-      block.call(self) if block
-    end
-
-    # Return the nessus report title.
-    # @return [String]
-    #   The Nessus Report Title
-    # @example
-    #   scan.report_name #=> "My Super Cool Nessus Report"
-    def title
-      @report_name ||= @xml.xpath("//NessusClientData//Report//ReportName").inner_text.split(' - ').last
-    end
-
-    # Return the nessus report time.
-    # @return [String]
-    #   The Nessus Report Time
-    # @example
-    #   scan.report_time #=> "09/11/08 02:21:22 AM"
-    def time
-      #09/11/08 02:21:22 AM
-      datetime = @xml.xpath("//NessusClientData//Report//ReportName").inner_text.split(' - ').first
-      @report_time ||= DateTime.strptime(datetime, fmt='%y/%m/%d %I:%M:%S %p')
-    end
-
-    # Return the scan start time.
-    # @return [DateTime]
-    #   The Nessus Scan Start Time
-    # @example
-    #   scan.start_time #=> 'Fri Nov 11 23:36:54 1985'
-    def start_time
-      @start_time = DateTime.strptime(@xml.xpath("//NessusClientData//Report//StartTime").inner_text, fmt='%a %b %d %H:%M:%S %Y')
-    end
-
-    # Return the scan stop time.
-    # @return [DateTime]
-    #   The Nessus Scan Stop Time
-    # @example
-    #   scan.stop_time #=> 'Mon Nov 11 23:36:54 1985'
-    def stop_time
-      @stop_time = DateTime.strptime(@xml.xpath("//NessusClientData//Report//StopTime").inner_text, fmt='%a %b %d %H:%M:%S %Y')
-    end
-
-    # Return the scan run time.
-    # @return [String]
-    #   The Nessus Scan Run Time
-    # @example
-    #   scan.runtime #=> '2 hours 5 minutes and 16 seconds'
-    def runtime
-      h = ("#{Time.parse(stop_time.to_s).strftime('%H').to_i - Time.parse(start_time.to_s).strftime('%H').to_i}").gsub('-', '')
-      m = ("#{Time.parse(stop_time.to_s).strftime('%M').to_i - Time.parse(start_time.to_s).strftime('%M').to_i}").gsub('-', '')
-      s = ("#{Time.parse(stop_time.to_s).strftime('%S').to_i - Time.parse(start_time.to_s).strftime('%S').to_i}").gsub('-', '')
-      return "#{h} hours #{m} minutes and #{s} seconds"
-    end
-
-    # Return the nessus scan policy name. When creating a nessus policy this is usually the title field.
-    # @return [String]
-    #   The Nessus Scan Policy Name
-    def policy_title
-      @policy_name ||= @xml.xpath("//NessusClientData//Report//policyName").inner_text
-    end
-
-    # Return the nessus scan policy comments. This is the description field when creating a new policy with the Nessus GUI client.
-    # @return [String]
-    #   The Nessus Scan Policy Comments
-    def policy_notes
-      @policy_comments ||= @xml.xpath("//NessusClientData//Report//policyComments").inner_text
-    end
-
-    # Returns and array of the plugin ids userd for the passed .nessus scan.
-    # @return [Array]
-    #   The Nessus Scan Plugin Ids
-    # @example
-    #   scan.plugin_ids #=> [1234,2343,9742,5452,5343,2423,1233]
-    def plugin_ids
-      unless @plugin_ids
-        @plugin_ids = []
-
-        @xml.xpath("//PluginSelection").last.text.split(';').each do |id|
-          @plugin_ids << id
-        end
-      end
-
-      @plugin_ids
-    end
-
-    # Returns and array of the plugin names userd for the passed .nessus scan.
-    # @return [Array]
-    #   The Nessus Scan Plugin Names
-    # @example
-    #   scan.plugins #=> ["PHP < 5.2.1 Multiple Vulnerabilities", "PHP < 4.4.1 / 5.0.6 Multiple Vulnerabilities"]
-    def plugins
-      unless @plugins
-        # get elements with attribute:
-        @plugins = []
-
-        @xml.xpath("//pluginName").each do |x|
-          @plugins << x.inner_text unless x.inner_text.empty?
-        end
-
-        @plugins.uniq!
-        @plugins.sort!
-      end
-
-      return @plugins
-    end
-
-    # Creates a new Host object to be parser
-    # @yield [prog] If a block is given, it will be passed the newly
-    #               created Host object.
-    # @yieldparam [XML] prog The newly created Host object.
-    # @example
-    #   scan.hosts do |host|
-    #     puts host.hostname
-    #   end
-    def hosts(&block)
-      hosts = []
-      @xml.xpath("//ReportHost").each do |host|
-        hosts << host.at('HostName').inner_text if host.at('HostName').inner_text
-        block.call(Host.new(host)) if block
-      end
-      hosts
-    end
-
-    # Parses the hosts of the scan.
-    # @return [Array<String>]
-    #   The Hosts of the scan.
-    def all_hosts
-      Enumerator.new(self,:hosts).to_a
-    end
-
-    # Return the nessus scan host count.
-    # @return [Integer]
-    #   The Nessus Scan Host Count
-    # @example
-    #   scan.host_count #=> 23
-    def host_count
-      hosts.size
-    end
-
-    # Retunrs an array of all unique ports.
-    # @return [Array]
-    # @example
-    #   scan.unique_ports #=> 234
-    def unique_ports
-      unless @unique_ports
-        @unique_ports = []
-        @xml.xpath("//ReportItem//port").each do |port|
-          @unique_ports << port.inner_text
-        end
-        @unique_ports.uniq!
-        @unique_ports.sort!
-      end
-    end
-
-    # Return the informational severity count.
-    # @return [Integer]
-    #   The Informational Severity Count
-    # @example
-    #   scan.informational_severity_count #=> 1203
-    def open_ports_count
-      count_severity[:open_ports].to_i
-    end
-
-    # Return the High severity count.
-    # @return [Integer]
-    #   The High Severity Count
-    # @example
-    #   scan.high_severity_count #=> 10
-    def high_severity_count
-      count_severity[:high].to_i
-    end
-
-    # Return the Medium severity count.
-    # @return [Integer]
-    #   The Medium Severity Count
-    # @example
-    #   scan.medium_severity_count #=> 234
-    def medium_severity_count
-      count_severity[:medium].to_i
-    end
-
-    # Return the Low severity count.
-    # @return [Integer]
-    #   The Low Severity Count
-    # @example
-    #   scan.low_severity_count #=> 114
-    def low_severity_count
-      count_severity[:low].to_i
-    end
-
-    # Return the Total severity count. [high, medium, low, informational]
-    # @return [Integer]
-    #   The Total Severity Count
-    # @example
-    #   scan.total_event_count #=> 1561
-    def total_event_count
-      count_severity[:all].to_i
-    end
-
-    # Return the Total severity count.
-    # @param [String] severity the severity in which to calculate percentage for.
-    # @param [Boolean] round round the result to the nearest whole number.
-    # @raise [ExceptionClass] One of the following severity options must be passed. [high, medium, low, informational, all]
-    # @return [Integer]
-    #   The Percentage Of Events For A Passed Severity
-    # @example
-    #   scan.event_percentage_for("low", true) #=> 11%
-    def event_percentage_for(type, round_percentage=false)
-      @sc ||= count_severity
-      if %W(high medium low all).include?(type)
-        calc = ((@sc[:"#{type}"].to_f / @sc[:all].to_f) * 100)
-        if round_percentage
-          return "#{calc.round}"
-        else
-          return "#{calc}"
-        end
-      else
-        raise "Error: #{type} is not an acceptable severity. Possible options include: all, high, medium, low and informational."
-      end
-    end
-
-    # Creates a new Host object to be parser from a passed search param.
-    # @param [String] hostname the hostname to build a Host object for.
-    # @yield [prog] If a block is given, it will be passed the newly
-    #               created Host object.
-    # @yieldparam [XML] prog The newly created Host object.
-    # @example
-    #   scan.find_by_hostname('127.0.0.1') do |host|
-    #     puts host.hostname
-    #   end
-    def find_by_hostname(hostname, &block)
-      raise "Error: hostname can't be blank." if hostname.blank?
-      @xml.xpath('//ReportHost[HostName]').each do |host|
-        next unless host.inner_text.match(hostname)
-        block.call(Host.new(host)) if block
-      end
-    end
-
-    private
-
-      # Calculates an event hash of totals for severity counts.
-      # @return [hash]
-      #   The Event Totals For Severity
-      def count_severity
-        unless @count
-          @count = {}
-          @open_ports = 0
-          @low = 0
-          @medium = 0
-          @high = 0
-
-          @xml.xpath("//ReportHost").each do |s|
-            @open_ports += s.at('num_ports').inner_text.to_i
-            @low += s.at('num_lo').inner_text.to_i
-            @medium += s.at('num_med').inner_text.to_i
-            @high += s.at('num_hi').inner_text.to_i
-          end
-
-          @count = { :open_ports => @open_ports,
-                     :low => @low,
-                     :medium => @medium,
-                     :high => @high,
-                     :all => (@low + @medium + @high) }
-        end
-
-        return @count
-      end
-
-  end
-end