Module: Nexpose

Defined in:

lib/nexpose.rb

Defined Under Namespace

Modules: NexposeAPI, Sanitize, XMLUtils Classes: APIError, APIRequest, AdminCredentials, AuthenticationFailed, Connection, Device, EngineActivity, EngineListing, EngineSummary, HostName, IPRange, Reference, ReportAdHoc, ReportConfig, ReportConfigSummary, ReportFilter, ReportHistory, ReportSchedule, ReportSection, ReportSummary, ReportTemplateListing, ReportTemplateSummary, ScanConfig, ScanFilter, ScanStatistics, ScanSummary, ScanTrigger, Schedule, Site, SiteConfig, SiteDeviceListing, SiteListing, SiteScanHistory, SiteSummary, SmtpAlert, SnmpAlert, SyslogAlert, VulnFilter, VulnerabilityDetail, VulnerabilityListing, VulnerabilitySummary

Class Method Summary

• .get_iso_8601_date(int_date) ⇒ Object

  Description Returns an ISO 8601 formatted date/time stamp.

• .getAttribute(attribute, xml) ⇒ Object

  Description TODO.

• .printXML(object) ⇒ Object

  Description Echos the last XML API request and response for the specified object.

• .site_device_scan(connection, site_id, device_array, host_array, debug = false) ⇒ Object

  TODO add.

• .testa(ip, port, user, passwd) ⇒ Object

Class Method Details

.get_iso_8601_date(int_date) ⇒ Object

Description

Returns an ISO 8601 formatted date/time stamp. All dates in NeXpose must use this format.

# File 'lib/nexpose.rb', line 2502

def self.get_iso_8601_date(int_date)
#@date_mod = date('Ymd\THis000', @int_date)
	date_mod = ''
return date_mod
end

.getAttribute(attribute, xml) ⇒ Object

Description

TODO

# File 'lib/nexpose.rb', line 2494

def self.getAttribute(attribute, xml)
	value = ''
	#@value = substr(substr(strstr(strstr(@xml,@attribute),'"'),1),0,strpos(substr(strstr(strstr(@xml,@attribute),'"'),1),'"'))
	return value
end

.printXML(object) ⇒ Object

Description

Echos the last XML API request and response for the specified object. (Useful for debugging)

# File 'lib/nexpose.rb', line 2510

def self.printXML(object)
	puts "request" + object.request_xml.to_s
	puts "response is " + object.response_xml.to_s
end

.site_device_scan(connection, site_id, device_array, host_array, debug = false) ⇒ Object

TODO add

# File 'lib/nexpose.rb', line 2472

def self.site_device_scan(connection, site_id, device_array, host_array, debug = false)

	request_xml = '<SiteDevicesScanRequest session-id="' + connection.session_id.to_s + '" site-id="' + site_id.to_s + '">'
	request_xml += '<Devices>'
	device_array.each do |d|
		request_xml += '<device id="' + d.to_s + '"/>'
	end
	request_xml += '</Devices>'
	request_xml += '<Hosts>'
	# The host array can only by single IP addresses for now. TODO: Expand to full API Spec.
	host_array.each do |h|
		request_xml += '<range from="' + h.to_s + '"/>'
	end
	request_xml += '</Hosts>'
	request_xml += '</SiteDevicesScanRequest>'

	r = connection.execute(request_xml)
	r.success ? { :engine_id => r.attributes['engine_id'], :scan_id => r.attributes['scan-id'] } : nil
end

.testa(ip, port, user, passwd) ⇒ Object

# File 'lib/nexpose.rb', line 2517

def self.testa(ip, port, user, passwd)
	nsc = Connection.new(ip, user, passwd, port)

	nsc.login
	site_listing = SiteListing.new(nsc)

	site_listing.sites.each do |site|
		puts "name is #{site.site_name}"
		puts "id is #{site.id}"
	end

=begin
	## Site Delete ##
	nsc.login
	status = deleteSite(nsc, '244', true)
	puts "status: #{status}"
=end
=begin
	nsc.login

	site = Site.new(nsc)
	site.setSiteConfig("New Site 3", "New Site Description")
	site.site_config.addHost(IPRange.new("10.1.90.86"))
	status = site.saveSite()
	report_config = ReportConfig.new(nsc)
	report_config.set_template_id("raw-xml")
	report_config.set_format("xml")
	report_config.addFilter("SiteFilter",site.site_id)
	report_config.set_generate_after_scan(1)
	report_config.set_storeOnServer(1)
	report_config.saveReport()
	puts report_config.config_id.to_s

	site.scanSite()

	nsc.logout
=end

=begin
	nsc.login
	site = Site.new(nsc)
	site.setSiteConfig("New Site 3", "New Site Description")
	site.site_config.addHost(IPRange.new("10.1.90.86"))
	status = site.saveSite()

	report_config = ReportConfig.new(nsc)
	report_config.set_template_id("audit-report")
	report_config.set_format("pdf")
	report_config.addFilter("SiteFilter",site.site_id)
	report_config.set_email_As("file")
	report_config.set_smtp_relay_server("")
	report_config.set_sender("nexpose@rapid7.com")
	report_config.addEmailRecipient("jabra@rapid7.com")
	report_config.set_generate_after_scan(1)
	report_config.saveReport()

	site.scanSite()
=end

	nsc.logout

=begin
	vuln_listing = VulnerabilityListing.new(nsc)
	vuln_listing.vulnerability_summaries.each do |v|
		puts "vuln id #{v.id}"
		exit
	end
	n.logout
=end


=begin
	nsc.login
	vuln_id = 'generic-icmp-timestamp'
	vuln = VulnerabilityDetail.new(n,vuln_id.to_s)
	puts "#{vuln.id}"
	puts "#{vuln.title}"
	puts "#{vuln.pciSeverity}"
	puts "#{vuln.cvssScore}"
	puts "#{vuln.cvssVector}"
	puts "#{vuln.description}"
	vuln.references.each do |r|
		puts "source: #{r.source}"
		puts "reference: #{r.reference}"
	end
	puts "#{vuln.solution}"
=end

=begin
	site = Site.new(n)
	site.setSiteConfig("New Site Name", "New Site Description")
	site.site_config.addHost(IPRange.new("10.1.90.86"))
	#site.site_config.addHost(HostName.new("localhost"))
	#site.site_config.addHost(IPRange.new("192.168.7.1","192.168.7.20"))
	#site.site_config.addHost(IPRange.new("10.1.90.130"))
	status = site.saveSite()

	puts "#{site.site_id}"
	site.scanSite
	nsc.logout
=end

=begin
	site = Site.new(nsc,'263')

	site.printSite()
	site.getSiteXML()
	puts "#{site.site_id}"
	puts "#{site.site_config.description}"
	puts "#{site.site_config.riskfactor}"
	nsc.logout
=end

	#site.scanSite()
=begin
	site_config = SiteConfig.new()


	my_site = site_config.getSiteConfig(n, '244')

	history = SiteScanHistory.new(n, '244')

	devices = SiteDeviceListing.new(n, '244')
=end

=begin
	site_listing = SiteListing.new(n)

	site_listing.sites.each do |site|
		puts "name is #{site.site_name}"
	end
=end

end