Module: Nexpose
- Defined in:
- lib/nexpose.rb
Defined Under Namespace
Modules: NexposeAPI, Sanitize, XMLUtils Classes: APIError, APIRequest, AdminCredentials, AuthenticationFailed, Connection, Device, EngineActivity, EngineListing, EngineSummary, HostName, IPRange, Reference, ReportAdHoc, ReportConfig, ReportConfigSummary, ReportFilter, ReportHistory, ReportSchedule, ReportSection, ReportSummary, ReportTemplateListing, ReportTemplateSummary, ScanConfig, ScanFilter, ScanStatistics, ScanSummary, ScanTrigger, Schedule, Site, SiteConfig, SiteDeviceListing, SiteListing, SiteScanHistory, SiteSummary, SmtpAlert, SnmpAlert, SyslogAlert, VulnFilter, VulnerabilityDetail, VulnerabilityListing, VulnerabilitySummary
Class Method Summary collapse
-
.get_iso_8601_date(int_date) ⇒ Object
Description Returns an ISO 8601 formatted date/time stamp.
-
.getAttribute(attribute, xml) ⇒ Object
Description TODO.
-
.printXML(object) ⇒ Object
Description Echos the last XML API request and response for the specified object.
-
.site_device_scan(connection, site_id, device_array, host_array, debug = false) ⇒ Object
TODO add.
- .testa(ip, port, user, passwd) ⇒ Object
Class Method Details
.get_iso_8601_date(int_date) ⇒ Object
Description
Returns an ISO 8601 formatted date/time stamp. All dates in NeXpose must use this format.
2360 2361 2362 2363 2364 |
# File 'lib/nexpose.rb', line 2360 def self.get_iso_8601_date(int_date) #@date_mod = date('Ymd\THis000', @int_date) date_mod = '' return date_mod end |
.getAttribute(attribute, xml) ⇒ Object
Description
TODO
2352 2353 2354 2355 2356 |
# File 'lib/nexpose.rb', line 2352 def self.getAttribute(attribute, xml) value = '' #@value = substr(substr(strstr(strstr(@xml,@attribute),'"'),1),0,strpos(substr(strstr(strstr(@xml,@attribute),'"'),1),'"')) return value end |
.printXML(object) ⇒ Object
Description
Echos the last XML API request and response for the specified object. (Useful for debugging)
2368 2369 2370 2371 |
# File 'lib/nexpose.rb', line 2368 def self.printXML(object) puts "request" + object.request_xml.to_s puts "response is " + object.response_xml.to_s end |
.site_device_scan(connection, site_id, device_array, host_array, debug = false) ⇒ Object
TODO add
2330 2331 2332 2333 2334 2335 2336 2337 2338 2339 2340 2341 2342 2343 2344 2345 2346 2347 2348 |
# File 'lib/nexpose.rb', line 2330 def self.site_device_scan(connection, site_id, device_array, host_array, debug = false) request_xml = '<SiteDevicesScanRequest session-id="' + connection.session_id.to_s + '" site-id="' + site_id.to_s + '">' request_xml += '<Devices>' device_array.each do |d| request_xml += '<device id="' + d.to_s + '"/>' end request_xml += '</Devices>' request_xml += '<Hosts>' # The host array can only by single IP addresses for now. TODO: Expand to full API Spec. host_array.each do |h| request_xml += '<range from="' + h.to_s + '"/>' end request_xml += '</Hosts>' request_xml += '</SiteDevicesScanRequest>' r = connection.execute(request_xml) r.success ? { :engine_id => r.attributes['engine_id'], :scan_id => r.attributes['scan-id'] } : nil end |
.testa(ip, port, user, passwd) ⇒ Object
2375 2376 2377 2378 2379 2380 2381 2382 2383 2384 2385 2386 2387 2388 2389 2390 2391 2392 2393 2394 2395 2396 2397 2398 2399 2400 2401 2402 2403 2404 2405 2406 2407 2408 2409 2410 2411 2412 2413 2414 2415 2416 2417 2418 2419 2420 2421 2422 2423 2424 2425 2426 2427 2428 2429 2430 2431 2432 2433 2434 2435 2436 2437 2438 2439 2440 2441 2442 2443 2444 2445 2446 2447 2448 2449 2450 2451 2452 2453 2454 2455 2456 2457 2458 2459 2460 2461 2462 2463 2464 2465 2466 2467 2468 2469 2470 2471 2472 2473 2474 2475 2476 2477 2478 2479 2480 2481 2482 2483 2484 2485 2486 2487 2488 2489 2490 2491 2492 2493 2494 2495 2496 2497 2498 2499 2500 2501 2502 2503 2504 2505 2506 2507 2508 |
# File 'lib/nexpose.rb', line 2375 def self.testa(ip, port, user, passwd) nsc = Connection.new(ip, user, passwd, port) nsc.login site_listing = SiteListing.new(nsc) site_listing.sites.each do |site| puts "name is #{site.site_name}" puts "id is #{site.id}" end =begin ## Site Delete ## nsc.login status = deleteSite(nsc, '244', true) puts "status: #{status}" =end =begin nsc.login site = Site.new(nsc) site.setSiteConfig("New Site 3", "New Site Description") site.site_config.addHost(IPRange.new("10.1.90.86")) status = site.saveSite() report_config = ReportConfig.new(nsc) report_config.set_template_id("raw-xml") report_config.set_format("xml") report_config.addFilter("SiteFilter",site.site_id) report_config.set_generate_after_scan(1) report_config.set_storeOnServer(1) report_config.saveReport() puts report_config.config_id.to_s site.scanSite() nsc.logout =end =begin nsc.login site = Site.new(nsc) site.setSiteConfig("New Site 3", "New Site Description") site.site_config.addHost(IPRange.new("10.1.90.86")) status = site.saveSite() report_config = ReportConfig.new(nsc) report_config.set_template_id("audit-report") report_config.set_format("pdf") report_config.addFilter("SiteFilter",site.site_id) report_config.set_email_As("file") report_config.set_smtp_relay_server("") report_config.set_sender("[email protected]") report_config.addEmailRecipient("[email protected]") report_config.set_generate_after_scan(1) report_config.saveReport() site.scanSite() =end nsc.logout =begin vuln_listing = VulnerabilityListing.new(nsc) vuln_listing.vulnerability_summaries.each do |v| puts "vuln id #{v.id}" exit end n.logout =end =begin nsc.login vuln_id = 'generic-icmp-timestamp' vuln = VulnerabilityDetail.new(n,vuln_id.to_s) puts "#{vuln.id}" puts "#{vuln.title}" puts "#{vuln.pciSeverity}" puts "#{vuln.cvssScore}" puts "#{vuln.cvssVector}" puts "#{vuln.description}" vuln.references.each do |r| puts "source: #{r.source}" puts "reference: #{r.reference}" end puts "#{vuln.solution}" =end =begin site = Site.new(n) site.setSiteConfig("New Site Name", "New Site Description") site.site_config.addHost(IPRange.new("10.1.90.86")) #site.site_config.addHost(HostName.new("localhost")) #site.site_config.addHost(IPRange.new("192.168.7.1","192.168.7.20")) #site.site_config.addHost(IPRange.new("10.1.90.130")) status = site.saveSite() puts "#{site.site_id}" site.scanSite nsc.logout =end =begin site = Site.new(nsc,'263') site.printSite() site.getSiteXML() puts "#{site.site_id}" puts "#{site.site_config.description}" puts "#{site.site_config.riskfactor}" nsc.logout =end #site.scanSite() =begin site_config = SiteConfig.new() my_site = site_config.getSiteConfig(n, '244') history = SiteScanHistory.new(n, '244') devices = SiteDeviceListing.new(n, '244') =end =begin site_listing = SiteListing.new(n) site_listing.sites.each do |site| puts "name is #{site.site_name}" end =end end |